{"vulnerability": "CVE-2022-2296", "sightings": [{"uuid": "b195c5dd-3921-44d8-9c16-ce45fc359780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "seen", "source": "MISP/aeee5c2a-79b3-4319-b954-93581651c784", "content": "", "creation_timestamp": "2022-07-08T06:53:46.000000Z"}, {"uuid": "e47bd27f-3287-4466-98f0-c658f0572b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "87702db1-a690-4756-901b-93e905c00b7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "5690b24d-8171-43ff-b659-fe6d30392800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "64232a2c-9ac3-4dd2-bb99-d20f83b0763d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "MISP/be71b4bd-4071-4e17-bb48-01ca64164811", "content": "", "creation_timestamp": "2024-01-11T14:10:58.000000Z"}, {"uuid": "68227531-f733-4594-a2a8-a108885155d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://msrc.microsoft.com/blog/2022/04/microsofts-response-to-cve-2022-22965-spring-framework/", "content": "", "creation_timestamp": "2022-04-05T05:00:00.000000Z"}, {"uuid": "7d126aee-53c9-470e-8803-e7c5836c85d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971497", "content": "", "creation_timestamp": "2024-12-24T20:30:11.768085Z"}, {"uuid": "2d3ecdac-15d9-4e59-9f91-0982a75d92ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971528", "content": "", "creation_timestamp": "2024-12-24T20:30:41.814206Z"}, {"uuid": "41d56266-d567-4b70-ab8f-4e77db55c4f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971694", "content": "", "creation_timestamp": "2024-12-24T20:32:55.104126Z"}, {"uuid": "1d3c7212-b6e4-4177-b4d7-774b237286b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-15)", "content": "", "creation_timestamp": "2025-01-15T00:00:00.000000Z"}, {"uuid": "747900cd-4d23-4534-b954-772c9d172f08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-22)", "content": "", "creation_timestamp": "2024-12-22T00:00:00.000000Z"}, {"uuid": "f08352ad-3395-4d7d-97f6-0785c4a7f759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "c0785919-82d0-4ee7-a020-22e76b0f66ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-10-25)", "content": "", "creation_timestamp": "2024-10-25T00:00:00.000000Z"}, {"uuid": "647cf77e-f9cd-4c9b-b964-d2b75a9091ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "88598df6-a1ae-4d92-9354-704ab524a5e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "2e8083a8-b5eb-4c6a-afea-99352efe0c69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "f40a4c03-61cd-4fd7-a079-46880f82e252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:44.000000Z"}, {"uuid": "d7c92309-2de7-4d7c-bea9-5fc600de3252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:43.000000Z"}, {"uuid": "efb87ec5-45b7-4a19-99f6-48bf5945559e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-07)", "content": "", "creation_timestamp": "2025-02-07T00:00:00.000000Z"}, {"uuid": "21ed4285-2831-4e11-8ade-86182219a35e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:43.000000Z"}, {"uuid": "0a33b146-c9d2-44be-b77a-4f137b797512", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-21)", "content": "", "creation_timestamp": "2025-02-21T00:00:00.000000Z"}, {"uuid": "935680a9-9f0f-42eb-b1f0-a24bc82b0a2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-14)", "content": "", "creation_timestamp": "2025-03-14T00:00:00.000000Z"}, {"uuid": "92d6c54d-2baa-416e-9d8f-4f7e8ad323d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-14)", "content": "", "creation_timestamp": "2025-03-14T00:00:00.000000Z"}, {"uuid": "dbd2499a-dc19-43f3-848d-7c7f90fce6e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-02)", "content": "", "creation_timestamp": "2025-07-02T00:00:00.000000Z"}, {"uuid": "901c56bd-aa81-4507-a336-89977e05171f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-25)", "content": "", "creation_timestamp": "2025-02-25T00:00:00.000000Z"}, {"uuid": "f15f5b99-a8b0-4e09-b6d9-5eae171a9ac2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2022-22965", "type": "seen", "source": "https://infosec.exchange/users/malmoeb/statuses/114728153853100417", "content": "", "creation_timestamp": "2025-06-22T17:18:20.384110Z"}, {"uuid": "4600f3dd-218b-485f-96a5-b7a38f237bd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-12)", "content": "", "creation_timestamp": "2025-07-12T00:00:00.000000Z"}, {"uuid": "228ad9aa-3e1a-4afd-aa39-34f81cbedc98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-03)", "content": "", "creation_timestamp": "2025-07-03T00:00:00.000000Z"}, {"uuid": "8ebce67f-6d81-45b8-8fa2-e44b62008f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-01)", "content": "", "creation_timestamp": "2025-05-01T00:00:00.000000Z"}, {"uuid": "d90a6e5e-e0ca-4acc-abc2-568fe72cce8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:35.000000Z"}, {"uuid": "c0e3617d-62b5-442e-ab88-86d3bd292f9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:35.000000Z"}, {"uuid": "ef35beca-0556-49a4-af77-9cbd8be352de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:35.000000Z"}, {"uuid": "8fab432d-23a6-410b-9a65-6bb77c7c0c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-16)", "content": "", "creation_timestamp": "2025-05-16T00:00:00.000000Z"}, {"uuid": "35271075-7ebc-4d99-ab35-9d13d487c739", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-13)", "content": "", "creation_timestamp": "2025-07-13T00:00:00.000000Z"}, {"uuid": "98cd1879-986c-4b13-b70b-c3b0bdf4c1b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://bsky.app/profile/softwaremill.com/post/3lqa4fgd6ns2l", "content": "", "creation_timestamp": "2025-05-28T11:36:21.415264Z"}, {"uuid": "60d7820a-129d-4408-97ba-feb8c80c3dff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-20)", "content": "", "creation_timestamp": "2025-07-20T00:00:00.000000Z"}, {"uuid": "9e163947-987a-4bbf-a3ad-001655e240d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://gist.github.com/snmaddula/16c7860a6c8f4aff82049b1abdbf662f", "content": "", "creation_timestamp": "2025-07-18T15:51:35.000000Z"}, {"uuid": "ac848f1c-95f4-486a-8af3-2d908fb66403", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-09)", "content": "", "creation_timestamp": "2025-06-09T00:00:00.000000Z"}, {"uuid": "714a3327-6a9d-490b-be9a-203585c7816b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-13)", "content": "", "creation_timestamp": "2025-09-13T00:00:00.000000Z"}, {"uuid": "78ebd8bf-eb09-4355-a175-395c91e11045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "dfec0ef8-12cf-4f2d-9ad8-5c45e8b95121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-06)", "content": "", "creation_timestamp": "2025-08-06T00:00:00.000000Z"}, {"uuid": "90516804-70ea-4d9c-84d2-490c01e67eb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-01)", "content": "", "creation_timestamp": "2025-11-01T00:00:00.000000Z"}, {"uuid": "d43e49d5-46cc-4764-a57d-85416931bb64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-28)", "content": "", "creation_timestamp": "2025-11-28T00:00:00.000000Z"}, {"uuid": "a7ccbcd4-074c-4222-9bca-0acd77dcde6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-18)", "content": "", "creation_timestamp": "2025-08-18T00:00:00.000000Z"}, {"uuid": "34b0a8ad-f414-44ea-a4b0-70c48eff0467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-08)", "content": "", "creation_timestamp": "2025-11-08T00:00:00.000000Z"}, {"uuid": "fb8c7bc3-2328-4398-b44b-8d62c842eec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-14)", "content": "", "creation_timestamp": "2025-09-14T00:00:00.000000Z"}, {"uuid": "fb8f32df-50b2-4008-b088-26afcfd70448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-04)", "content": "", "creation_timestamp": "2025-10-04T00:00:00.000000Z"}, {"uuid": "7ed8c989-304a-4e00-8fab-0d8614a54fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-27)", "content": "", "creation_timestamp": "2025-11-27T00:00:00.000000Z"}, {"uuid": "d7170b84-402f-4899-98c6-a2373013e4c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/spring_cloud_function_spel_injection.rb", "content": "", "creation_timestamp": "2022-03-31T16:00:06.000000Z"}, {"uuid": "81f2ca8c-4a1e-43cd-b07e-1dda22a90825", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-18)", "content": "", "creation_timestamp": "2025-09-18T00:00:00.000000Z"}, {"uuid": "cb923d50-95ce-437d-8ed8-fd1455e5968e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:43.000000Z"}, {"uuid": "ca0d54f7-89de-4f1a-9eab-505d532bccf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:43.000000Z"}, {"uuid": "459ccddc-5442-412d-8058-7a2239ce3e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/spring_framework_rce_spring4shell.rb", "content": "", "creation_timestamp": "2022-05-10T14:05:34.000000Z"}, {"uuid": "7926b63d-d2c4-41e3-b2e9-0d221330f6b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-02)", "content": "", "creation_timestamp": "2025-09-02T00:00:00.000000Z"}, {"uuid": "041d1798-059e-4d72-aed0-f08678280f84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:58.000000Z"}, {"uuid": "d1b5b146-6a7f-4536-81eb-fc5c97cae1f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-01)", "content": "", "creation_timestamp": "2025-09-01T00:00:00.000000Z"}, {"uuid": "c96346a7-c45d-4dbc-baaa-8c4a149a363f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/vmware_workspace_one_access_cve_2022_22960.rb", "content": "", "creation_timestamp": "2023-04-19T00:46:28.000000Z"}, {"uuid": "39459e0f-7fda-4b3d-9aaa-68a31fae76d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-01)", "content": "", "creation_timestamp": "2026-03-01T00:00:00.000000Z"}, {"uuid": "39aa231c-54be-4550-8305-d8fb3c7fa15e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://gist.github.com/jonathan-gruber-1/05724c8f2229fceca85cb5694e67abbd", "content": "", "creation_timestamp": "2026-02-13T10:12:10.000000Z"}, {"uuid": "2ee6bae5-c849-418c-847e-a3cfb3a02816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-12)", "content": "", "creation_timestamp": "2026-02-12T00:00:00.000000Z"}, {"uuid": "32dbc0ce-7ea3-4a4e-af96-f17df1584ac0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-09)", "content": "", "creation_timestamp": "2025-12-09T00:00:00.000000Z"}, {"uuid": "f4996dc3-5003-483d-9c09-4e173766c437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-11)", "content": "", "creation_timestamp": "2025-12-11T00:00:00.000000Z"}, {"uuid": "a63c3fb8-5770-409d-9266-828ba171e1ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://gist.github.com/aw-junaid/ed30afd1f8d04325e68a70aa2e002932", "content": "", "creation_timestamp": "2026-01-30T19:25:35.000000Z"}, {"uuid": "6748d9f7-49b6-4c68-904f-009e180980c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://gist.github.com/aw-junaid/ed30afd1f8d04325e68a70aa2e002932", "content": "", "creation_timestamp": "2026-01-30T19:25:35.000000Z"}, {"uuid": "c57d62f3-a4f6-4c2e-9ac8-caab8495201f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-09)", "content": "", "creation_timestamp": "2026-02-09T00:00:00.000000Z"}, {"uuid": "789db4ef-9b21-4b41-9c9e-72a5e2e96657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-17)", "content": "", "creation_timestamp": "2026-02-17T00:00:00.000000Z"}, {"uuid": "68c8f893-3d9a-4f68-a125-5a8a9bfb6b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-10)", "content": "", "creation_timestamp": "2025-12-10T00:00:00.000000Z"}, {"uuid": "2f36b1f2-2262-48d7-8a1a-6b260d3cc2a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "01c69003-c2ff-4b41-ad0e-bd9828799bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-06)", "content": "", "creation_timestamp": "2026-02-06T00:00:00.000000Z"}, {"uuid": "87630470-645b-4b9f-8b5c-7587758bd8a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://bsky.app/profile/cvedatabase.bsky.social/post/3mf7eqhtjsh2b", "content": "", "creation_timestamp": "2026-02-19T10:22:02.343067Z"}, {"uuid": "4c65ab47-dc37-4d53-a45e-0cbb521808dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-11)", "content": "", "creation_timestamp": "2026-01-11T00:00:00.000000Z"}, {"uuid": "302c2a45-84df-44e2-a301-f80a18283e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-18)", "content": "", "creation_timestamp": "2026-02-18T00:00:00.000000Z"}, {"uuid": "5d890bce-5d69-4b5b-b918-4e125175eaab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-27)", "content": "", "creation_timestamp": "2026-03-27T00:00:00.000000Z"}, {"uuid": "3c42874a-e5dc-4bdf-be4d-64359be76143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-11)", "content": "", "creation_timestamp": "2026-01-11T00:00:00.000000Z"}, {"uuid": "f92d6562-598f-4cbf-b835-39d2a6895082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=767", "content": "", "creation_timestamp": "2022-04-01T04:00:00.000000Z"}, {"uuid": "253c9d5d-f1f4-41e5-bde4-918c506d9a3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-21)", "content": "", "creation_timestamp": "2026-03-21T00:00:00.000000Z"}, {"uuid": "1d7ac5d3-ff91-45b5-850c-26982730a082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://gist.github.com/magdielpicpay/5bf3ac09f642892655a1aa250b7108aa", "content": "", "creation_timestamp": "2026-03-27T17:44:57.000000Z"}, {"uuid": "6827cfbe-acdb-4b76-bc78-67c28b908828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=791", "content": "", "creation_timestamp": "2022-04-20T04:00:00.000000Z"}, {"uuid": "69496ba0-f408-4c5d-a01a-8b8865c7fa51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "2a24e752-7122-4487-ad48-af47a7eaf897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-21)", "content": "", "creation_timestamp": "2026-01-21T00:00:00.000000Z"}, {"uuid": "d5e3fec6-b81a-4858-a209-e8b7bd5e698d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_6/2022", "content": "", "creation_timestamp": "2022-03-31T09:38:49.000000Z"}, {"uuid": "6e40aa93-683f-4c86-97f2-022fe4d1b28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=791", "content": "", "creation_timestamp": "2022-04-20T04:00:00.000000Z"}, {"uuid": "30298099-d023-45f0-8c00-8745692f8b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=767", "content": "", "creation_timestamp": "2022-04-01T04:00:00.000000Z"}, {"uuid": "05b1cd69-4b21-40a6-ad82-0c8da52befd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=770", "content": "", "creation_timestamp": "2022-04-04T04:00:00.000000Z"}, {"uuid": "2f045d4e-eaa8-4127-8fe1-5b9d33b2d48b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-22963", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/40a6547f-e20b-4e29-b709-f550acff0889", "content": "", "creation_timestamp": "2026-02-02T12:27:15.145272Z"}, {"uuid": "757b5045-9d5c-49d4-8613-9fa14632b456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-22960", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b7dfd981-0ef6-454b-b333-0a9e251a40e6", "content": "", "creation_timestamp": "2026-02-02T12:27:49.429355Z"}, {"uuid": "c9b3355c-f604-46eb-a629-dd3782f07ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c7e9e0be-415b-432d-87ef-47f41a518a9d", "content": "", "creation_timestamp": "2026-02-02T12:27:53.738489Z"}, {"uuid": "bfbe8019-858c-437d-948c-6bc8a05e892c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-31)", "content": "", "creation_timestamp": "2026-03-31T00:00:00.000000Z"}, {"uuid": "24b282a2-8228-49d3-a1ae-2e1d75f2094f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-01)", "content": "", "creation_timestamp": "2026-04-01T00:00:00.000000Z"}, {"uuid": "95c8a8fd-9559-41bf-9b8a-6f2916f3509d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2142", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965\u5199\u5165\u51b0\u874ewebshell\u811a\u672c\nURL\uff1ahttps://github.com/MrCl0wnLab/Nuclei-Template-Exploit-CVE-2022-1388-BIG-IP-iControl-REST\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-10T04:15:43.000000Z"}, {"uuid": "a27fb9a9-87f4-4f62-ab22-83eccf9d3419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "f4216d83-7872-4b47-a4e9-bec2bee8ce1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "Telegram/4QOnyeYC_lTC0SMJQhtMgvSiM85xnm7m1QqUSxY6BArIyUs", "content": "", "creation_timestamp": "2025-12-23T21:00:05.000000Z"}, {"uuid": "fb2accc3-0bf3-4e48-b0e1-7931436f45af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-02)", "content": "", "creation_timestamp": "2026-04-02T00:00:00.000000Z"}, {"uuid": "9f7be78e-6be6-4b91-94ed-f1edac770d95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22968", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2177", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aTesting CVE-2022-22968\nURL\uff1ahttps://github.com/MarcinGadz/spring-rce-poc\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-12T18:30:04.000000Z"}, {"uuid": "fc684c0a-bdee-4ab0-8ddd-960b69082e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "557fc11b-53cc-4946-914b-0683a648a2ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/pEiL-1XWyM7kvZEnILJ6gHpkCQEoAvLTz0BTuqaqHQsP4KA", "content": "", "creation_timestamp": "2025-06-12T03:00:05.000000Z"}, {"uuid": "5141148f-37cb-4d0c-a979-49dc118661df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "e3b6cce4-dcca-4d9e-ab4b-de59f0a050bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1840", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965\nURL\uff1ahttps://github.com/me2nuk/CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-04T01:24:15.000000Z"}, {"uuid": "fd69b03f-1a24-44c8-ba6e-9d0c9b039b7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1759", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965 - CVE-2010-1622 redux\nURL\uff1ahttps://github.com/DDuarte/springshell-rce-poc\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T14:38:31.000000Z"}, {"uuid": "2d209d08-3742-4686-819f-5d4ebb78cd13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://t.me/cKure/9291", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Update! Spring4Shell Zero-Day Vulnerability CVE-2022-22965: All You Need To Know.\n\nhttps://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html\n\nhttps://jfrog.com/blog/springshell-zero-day-vulnerability-all-you-need-to-know/", "creation_timestamp": "2022-04-06T22:36:57.000000Z"}, {"uuid": "7281a11c-befd-414f-8fc1-6a1e35b29307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1758", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA Proof-of-Concept (PoC) of the Spring Core RCE (Spring4Shell or CVE-2022-22963) in Bash (Linux).\nURL\uff1ahttps://github.com/exploitbin/CVE-2022-22963-Spring-Core-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T14:34:04.000000Z"}, {"uuid": "9bf30ea1-d943-439d-b34e-8b1fc190d1d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1763", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965 poc including reverse-shell support\nURL\uff1ahttps://github.com/viniciuspereiras/CVE-2022-22965-poc\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T19:25:03.000000Z"}, {"uuid": "4a4e48ee-c3b6-4329-917f-77fddb86e400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1762", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDockerized Spring4Shell (CVE-2022-22965) PoC application and exploit\nURL\uff1ahttps://github.com/reznok/Spring4Shell-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T19:20:12.000000Z"}, {"uuid": "adf1d761-ed12-47ce-9218-a19fb7d6607e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1761", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring4Shell Proof Of Concept/Information CVE-2022-22965\nURL\uff1ahttps://github.com/BobTheShoplifter/Spring4Shell-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T18:55:44.000000Z"}, {"uuid": "49f9c330-d52d-4fe9-98bd-f897035be897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1748", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Core RCE CVE-2022-22963\nURL\uff1ahttps://github.com/TheGejr/SpringShell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-30T17:15:03.000000Z"}, {"uuid": "134a1576-031d-4a64-8365-47d77f7d8b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1747", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22963 Spring-Cloud-Function-SpEL_RCE_exploit\nURL\uff1ahttps://github.com/RanDengShiFu/CVE-2022-22963\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-30T11:41:57.000000Z"}, {"uuid": "3dcbf479-881f-4fe1-8ad9-29f2ee2f85a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1776", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpringFramework \u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1eCVE-2022-22965\nURL\uff1ahttps://github.com/Axx8/SpringFramework_CVE-2022-22965_RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T04:57:57.000000Z"}, {"uuid": "cd82d0cd-6be8-4962-9d91-f480f311da71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1775", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpringFramework \u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1eCVE-2022-22965\nURL\uff1ahttps://github.com/Axx8/SpringFramework_RCE_CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T04:21:47.000000Z"}, {"uuid": "24492407-dcf8-48b2-bd09-5badf5f76f93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1766", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965 EXP\nURL\uff1ahttps://github.com/likewhite/CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T02:38:06.000000Z"}, {"uuid": "0c69e7ab-d3f9-4884-8da7-8822942a496b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1764", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed \\\"SpringShell\\\".\nURL\uff1ahttps://github.com/kh4sh3i/Spring-CVE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T21:02:25.000000Z"}, {"uuid": "af36dd1e-95ee-4563-8ed8-4a6461e748cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2239", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965 Spring4Shell research & PoC\nURL\uff1ahttps://github.com/cxzero/CVE-2022-22965-spring4shell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-20T00:20:11.000000Z"}, {"uuid": "dc9e2c32-fbbf-4943-950d-d0c2516dd258", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1745", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22963 PoC \nURL\uff1ahttps://github.com/dinosn/CVE-2022-22963\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-30T05:07:12.000000Z"}, {"uuid": "315dbae9-8401-42a5-a937-f471a8255d85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1853", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aVulnerability scanner for Spring4Shell (CVE-2022-22965)\nURL\uff1ahttps://github.com/fracturelabs/go-scan-spring\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-04T21:10:13.000000Z"}, {"uuid": "46055531-d6af-4d22-970a-6cf261fb113d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1850", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring4Shell - CVE-2022-22965\nURL\uff1ahttps://github.com/twseptian/cve-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-04T16:47:57.000000Z"}, {"uuid": "29233cc7-0e29-4442-9895-850d112525d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1869", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22963 research\nURL\uff1ahttps://github.com/SealPaPaPa/SpringCloudFunction-Research\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-05T17:15:41.000000Z"}, {"uuid": "cc25c822-7d96-4d72-8197-1ba63a80bb8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/60328", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aFully automated Spring4Shell (CVE-2022-22965) + GitLab RCE framework\nURL\uff1ahttps://github.com/mylo-2001/GhostStrike\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-11-20T23:13:17.000000Z"}, {"uuid": "4999a4eb-df86-43b4-80a6-adb8112af859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/spring_cloud_function_cve_2022_22963", "content": "", "creation_timestamp": "2022-07-19T12:00:36.000000Z"}, {"uuid": "f2dd6700-2a90-4e6c-9e8a-327fcbf61264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/spring_framework_cve_2022_22965", "content": "", "creation_timestamp": "2022-04-02T07:43:42.000000Z"}, {"uuid": "7231b46d-2b8a-480c-9f6d-fca58044b8f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1874", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aspring\u6846\u67b6RCE\u6f0f\u6d1e CVE-2022-22965\nURL\uff1ahttps://github.com/k3rwin/spring-core-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-06T08:03:31.000000Z"}, {"uuid": "ee27358a-ea4a-4f52-b7f5-a29c018ffa42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1873", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThe demo code showing the recent Spring4Shell RCE (CVE-2022-22965)\nURL\uff1ahttps://github.com/datawiza-inc/spring-rec-demo\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-06T04:23:33.000000Z"}, {"uuid": "c9edf096-71f5-42b5-b030-0831cfa1e92a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1870", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aHacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well)\nURL\uff1ahttps://github.com/LudovicPatho/CVE-2022-22965_Spring4Shell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-05T21:03:41.000000Z"}, {"uuid": "85b681ea-0a17-49d4-b28d-0ae17dccfc6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1883", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965 pocsuite3 POC\nURL\uff1ahttps://github.com/wikiZ/springboot_CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-07T02:41:25.000000Z"}, {"uuid": "97dde259-dee8-4167-9cc5-a3b2bcbb7756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1882", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)\nURL\uff1ahttps://github.com/alt3kx/CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-07T01:44:01.000000Z"}, {"uuid": "2c5313d4-cbd6-41e0-bd23-dc2780d1b9da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1915", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring4Shell , Spring Framework RCE (CVE-2022-22965)\nURL\uff1ahttps://github.com/Loneyers/Spring4Shell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-11T12:14:59.000000Z"}, {"uuid": "0cd67081-467c-4f9a-968e-fa87c98eda25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22961", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2076", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 all in one!\nURL\uff1ahttps://github.com/kaanymz/2022-04-06-critical-vmware-fix\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-01T21:40:40.000000Z"}, {"uuid": "6a1683c6-3489-43d0-8e39-22dca72ea0fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1764", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed \\\"SpringShell\\\".\nURL\uff1ahttps://github.com/kh4sh3i/Spring-CVE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T21:02:25.000000Z"}, {"uuid": "d0de3472-f5ad-4e7d-a901-813f51286020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1946", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Function SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\uff08CVE-2022-22963\uff09\nURL\uff1ahttps://github.com/k3rwin/spring-cloud-function-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-14T11:20:22.000000Z"}, {"uuid": "521c2c51-5a74-40b8-87b3-311f514e66cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1757", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aspring-core\u5355\u4e2a\u56fe\u5f62\u5316\u5229\u7528\u5de5\u5177\uff0cCVE-2022-22965\u53ca\u4fee\u590d\u65b9\u6848\u5df2\u51fa\nURL\uff1ahttps://github.com/light-Life/CVE-2022-22965-GUItools\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T14:20:55.000000Z"}, {"uuid": "d9cf2f07-2f7f-4ae9-9822-c6f3b7150a2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1756", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965 : about spring core rce\nURL\uff1ahttps://github.com/Mr-xn/spring-core-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T13:45:50.000000Z"}, {"uuid": "761d5ac7-f7dc-468d-b396-dc3deb8c1b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1749", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a{ Spring Core 0day CVE-2022-22963 }\nURL\uff1ahttps://github.com/stevemats/Spring0DayCoreExploit\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-30T19:13:42.000000Z"}, {"uuid": "e36b49eb-17c3-4374-a0de-00bd5c9deffc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1760", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA Safer PoC for CVE-2022-22965 (Spring4Shell)\nURL\uff1ahttps://github.com/colincowie/Safer_PoC_CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T17:19:03.000000Z"}, {"uuid": "5203f170-10e2-415e-8e90-cbc402800579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1786", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965 spring-core\u6279\u91cf\u68c0\u6d4b\u811a\u672c\nURL\uff1ahttps://github.com/chaosec2021/CVE-2022-22965-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T08:39:21.000000Z"}, {"uuid": "c5e9bf70-c335-4630-a945-8e3fab39c27d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1781", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPython Script for exploiting CVE-2022-22965\nURL\uff1ahttps://github.com/0xbughunter/Spring4Shell-Exploit-PoC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T07:12:39.000000Z"}, {"uuid": "4256901a-027a-48d9-8c48-ea18baee3ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1780", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPython Script for exploiting CVE-2022-22965\nURL\uff1ahttps://github.com/0xbughunter/Spring4Shell-Exploit-PoC-\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T07:06:02.000000Z"}, {"uuid": "59bd43b3-1747-4013-9f58-a43180ded5c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1778", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring-0day/CVE-2022-22965\nURL\uff1ahttps://github.com/nu0l/CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T06:53:51.000000Z"}, {"uuid": "b7e2367e-aa16-4de9-a05a-a2e82ba533f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1800", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Function Vulnerable Application / CVE-2022-22963\nURL\uff1ahttps://github.com/me2nuk/CVE-2022-22963\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T12:56:50.000000Z"}, {"uuid": "fceb1403-c6da-45a9-bdcc-eb05938f2262", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1798", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965 Environment\nURL\uff1ahttps://github.com/Joe1sn/CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T12:26:43.000000Z"}, {"uuid": "97b01e75-e752-44f8-9ea6-f84d8f69ec33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1794", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPOC for CVE-2022-22963\nURL\uff1ahttps://github.com/AayushmanThapaMagar/CVE-2022-22963\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T10:50:58.000000Z"}, {"uuid": "b2f48580-882a-4f39-8975-7647272b147c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1820", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u6f0f\u6d1eEXP\n\u63cf\u8ff0\uff1aCVE-2022-22965\\\\Spring-Core-RCE\u582a\u6bd4\u5173\u4e8e Apache Log4j2\u6838\u5f39\u7ea7\u522b\u6f0f\u6d1eexp\u7684rce\u4e00\u952e\u5229\u7528\nURL\uff1ahttps://github.com/wjl110/CVE-2022-22965-Spring-Core-RCE.\n\n\u6807\u7b7e\uff1a#\u6f0f\u6d1eEXP", "creation_timestamp": "2022-04-02T09:56:16.000000Z"}, {"uuid": "b289ba32-7fb8-4b1b-a2b5-e8ec510e340b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1817", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965 POC\nURL\uff1ahttps://github.com/Wrin9/CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-02T03:55:08.000000Z"}, {"uuid": "e8979951-4275-4635-8cd9-1c43b1d74d8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1803", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965\nURL\uff1ahttps://github.com/wshon/spring-framework-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T14:04:23.000000Z"}, {"uuid": "67da42f2-5ad2-4ffa-b08a-572b6fa6f864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1824", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965\\\\Spring-Core-RCE\u582a\u6bd4\u5173\u4e8e Apache Log4j2\u6838\u5f39\u7ea7\u522b\u6f0f\u6d1eexp\u7684rce\u4e00\u952e\u5229\u7528\nURL\uff1ahttps://github.com/drapl0n/dirtypipe\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-02T13:57:25.000000Z"}, {"uuid": "fac1cfb5-0922-45f5-b23e-37e748ed9ff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1821", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u6f0f\u6d1eEXP\n\u63cf\u8ff0\uff1aCVE-2022-22965\\\\Spring-Core-RCE\u582a\u6bd4\u5173\u4e8e Apache Log4j2\u6838\u5f39\u7ea7\u522b\u6f0f\u6d1eexp\u7684rce\u4e00\u952e\u5229\u7528\nURL\uff1ahttps://github.com/wjl110/CVE-2022-22965_Spring_Core_RCE\n\n\u6807\u7b7e\uff1a#\u6f0f\u6d1eEXP", "creation_timestamp": "2022-04-02T10:21:15.000000Z"}, {"uuid": "1a65c4bd-7c5f-4bb2-b49e-09a4191956cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1832", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDocker PoC for CVE-2022-22965 with Spring Boot version 2.6.5\nURL\uff1ahttps://github.com/itsecurityco/CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-03T08:44:06.000000Z"}, {"uuid": "4585c653-6abb-4f96-a992-ecef022d4a68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1830", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDocker PoC for CVE-2022-22965 with Spring Boot version 2.6.5\nURL\uff1ahttps://github.com/itsecurityco/CVE-\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-03T06:42:30.000000Z"}, {"uuid": "2154d100-673e-4005-8049-f791542d3b5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1849", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965 (Spring4Shell) Proof of Concept\nURL\uff1ahttps://github.com/sunnyvale-it/CVE-2022-22965-PoC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-04T16:19:21.000000Z"}, {"uuid": "5a0923f3-5961-4dff-9887-7b10c16c1c63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1846", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPowerShell port of CVE-2022-22965 vulnerability check by colincowie.\nURL\uff1ahttps://github.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-04T10:42:28.000000Z"}, {"uuid": "4c868770-65be-489a-879f-e0a1d961dadb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1899", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aVulnerabilidad RCE en Spring Framework v\u00eda Data Binding on JDK 9+ (CVE-2022-22965 aka \\\"Spring4Shell\\\")\nURL\uff1ahttps://github.com/GuayoyoCyber/CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-07T15:53:31.000000Z"}, {"uuid": "a611b443-3828-40ad-86c6-065caa6ea0fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1888", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aspringFramework_CVE-2022-22965_RCE\u7b80\u5355\u5229\u7528\nURL\uff1ahttps://github.com/liangyueliangyue/spring-core-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-07T08:02:41.000000Z"}, {"uuid": "46ee1115-6feb-4da9-a4e3-2226b28003cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1886", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22965\u5199\u5165\u51b0\u874ewebshell\u811a\u672c\nURL\uff1ahttps://github.com/4nth0ny1130/spring4shell_behinder\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-07T03:55:38.000000Z"}, {"uuid": "3bc72d6a-858e-41a3-b32e-40721a162b53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-20)", "content": "", "creation_timestamp": "2026-04-20T00:00:00.000000Z"}, {"uuid": "9b54c206-a77c-475c-8d83-3930a9901aa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-20)", "content": "", "creation_timestamp": "2026-04-20T00:00:00.000000Z"}, {"uuid": "dba7ec38-c697-4090-8a33-3cd8acff6c8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2076", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 all in one!\nURL\uff1ahttps://github.com/kaanymz/2022-04-06-critical-vmware-fix\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-01T21:40:40.000000Z"}, {"uuid": "d6c57939-5d7b-4b06-92a4-98692f0ee089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1861", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring has Confirmed the RCE in Spring Framework. The team has just published the statement along with the mitigation guides for the issue. Now, this vulnerability can be tracked as CVE-2022-22965.\nURL\uff1ahttps://github.com/Snip3R69/spring-shell-vuln\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-05T09:43:20.000000Z"}, {"uuid": "d153a688-096d-4063-ad7d-c25b0d52438c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/ihOkiwe6OhHQI2TZ1X3ddAGzem4yCBX0q_BNzRmX2HDnWoU", "content": "", "creation_timestamp": "2025-08-06T15:00:07.000000Z"}, {"uuid": "31c69286-e2ed-485e-b4be-c7158150b83b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/2X-6AWdwekcmM_24a8Co6gPd7Su--giulRASgvOTWAqI1wg", "content": "", "creation_timestamp": "2025-08-02T03:00:05.000000Z"}, {"uuid": "cfa9989b-47ae-42c1-9f4c-24156d251f59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2540", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aburpsuite \u7684Spring\u6f0f\u6d1e\u626b\u63cf\u63d2\u4ef6\u3002SpringVulScan\uff1a\u652f\u6301\u68c0\u6d4b\uff1a\u8def\u7531\u6cc4\u9732|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977\nURL\uff1ahttps://github.com/tpt11fb/SpringVulScan\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-20T01:10:15.000000Z"}, {"uuid": "bcbe4be1-19cc-4a7e-a8f9-25ffb939a0d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2540", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aburpsuite \u7684Spring\u6f0f\u6d1e\u626b\u63cf\u63d2\u4ef6\u3002SpringVulScan\uff1a\u652f\u6301\u68c0\u6d4b\uff1a\u8def\u7531\u6cc4\u9732|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977\nURL\uff1ahttps://github.com/tpt11fb/SpringVulScan\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-20T01:10:15.000000Z"}, {"uuid": "0b90a109-9226-4bf1-a6fc-425cead23f9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2640", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aEXP for Spring4Shell(CVE-2022-22965)\nURL\uff1ahttps://github.com/D1mang/Spring4Shell-CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-05T15:04:11.000000Z"}, {"uuid": "9ac4567e-11f7-4452-aa5f-709187998248", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2607", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aspring4shell | CVE-2022-22965\nURL\uff1ahttps://github.com/p1ckzi/CVE-2022-22965\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-01T18:37:41.000000Z"}, {"uuid": "02183cd6-5167-417d-b9ff-7edd2b7639fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/JTPMSiIeITdIAco4zqe7AJCP4y0ey6zBic2rAw1xqSNEfqQ", "content": "", "creation_timestamp": "2025-11-14T15:00:07.000000Z"}, {"uuid": "d714557b-2be3-4aef-9c4c-a2c108aa3aea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3647", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u6f0f\u6d1e\u5229\u7528\n\u63cf\u8ff0\uff1aCVE-2022-22965\\\\Spring-Core-RCE\u6838\u5f39\u7ea7\u522b\u6f0f\u6d1e\u7684rce\u56fe\u5f62\u5316GUI\u4e00\u952e\u5229\u7528\u5de5\u5177\uff0c\u57fa\u4e8eJavaFx\u5f00\u53d1\uff0c\u56fe\u5f62\u5316\u64cd\u4f5c\u66f4\u7b80\u5355\uff0c\u63d0\u9ad8\u6548\u7387\u3002\nURL\uff1ahttps://github.com/zangcc/CVE-2022-22965-rexbb\n\n\u6807\u7b7e\uff1a#\u6f0f\u6d1e\u5229\u7528", "creation_timestamp": "2022-12-29T02:21:20.000000Z"}, {"uuid": "1202a493-a665-4351-a62e-4966e5944d05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/56090", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aProof-of-Concept (POC) of a simple firewall in Python designed to mitigate the Spring4Shell (CVE-2022-22965) RCE attack by inspecting and blocking malicious request bodies.\nURL\uff1ahttps://github.com/NickoPS87/Spring4Shell-Python-Firewall-POC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-10-19T10:22:14.000000Z"}, {"uuid": "d632481b-6dfa-4482-9b7c-079b727cd8e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5775", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aSpring4Shell Vulnerability RCE\nURL\uff1ahttps://github.com/LucasPDiniz/CVE-2022-22965\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-11-12T22:17:05.000000Z"}, {"uuid": "322ac547-3edc-4013-b5f4-e0e6d26f5717", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1892", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring4Shell PoC (CVE-2022-22965)\nURL\uff1ahttps://github.com/t3amj3ff/Spring4ShellPoC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-07T09:19:17.000000Z"}, {"uuid": "39563bc0-e2aa-4d89-b2d5-cf4303f7dd74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/tKAkyByJyf-3fTR3FIdOGi_BkQgInDQD9nvMF722k6zIU-s", "content": "", "creation_timestamp": "2025-11-21T03:00:06.000000Z"}, {"uuid": "239e239e-209a-468f-b568-c98423157caa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/OxC8HR/139", "content": "Invicti Standard 6.4.3.35616 - 4th April 2022\n\nNEW SECURITY CHECKS\n\nAdded Remote Code Execution (CVE-2022-22965) a.k.a. Spring4Shell detection support.", "creation_timestamp": "2022-04-19T17:41:12.000000Z"}, {"uuid": "ff1e74b4-fd57-4ca7-ad7a-25d81a44de53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/OxC8HR/131", "content": "Acunetix v14.7 Build 220401065 - 1st April 2022\n\nCrack - https://t.me/zer0daylab/2381\n\nNew Vulnerability checks\n\n\u2022 Test for Spring4Shell vulnerability (CVE-2022-22965)", "creation_timestamp": "2022-04-19T17:41:11.000000Z"}, {"uuid": "14ffa18d-9692-470a-b1fe-b3e73e9d6086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2266", "content": "CVE-2022-22954 VMware RCE\n\nPython script to exploit CVE-2022-22954 and then exploit CVE-2022-22960. \u0422\u0430\u043a\u0436\u0435 \u0432 \u0441\u0442\u0430\u0442\u044c\u0435 \u0432\u044b \u043d\u0430\u0439\u0434\u0435\u0442\u0435 POC \u0438 Google Dork", "creation_timestamp": "2022-08-14T19:00:09.000000Z"}, {"uuid": "051c8586-71bb-452d-805f-d8686e3313ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/poxek/1237", "content": "SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-05T17:01:37.000000Z"}, {"uuid": "712342ad-cedc-4dc4-9517-412742e7c7cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9233", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Spring4Shell: Zero-Day Vulnerability in Spring Framework (CVE-2022-22965).\n\nhttps://www.rapid7.com/blog/post/2022/03/30/spring4shell-zero-day-vulnerability-in-spring-framework/", "creation_timestamp": "2022-03-31T21:29:30.000000Z"}, {"uuid": "b82768aa-eef1-4371-82c6-d867d93bb4f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3383", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-22965\n\ud83d\udd25 CVSS Score: 9.8 (CVSS_V3)\n\ud83d\udd39 Description: Spring Framework prior to versions 5.2.20 and 5.3.18 contains a remote code execution vulnerability known as `Spring4Shell`. \n\n## Impact\n\nA Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.\n\nThese are the prerequisites for the exploit:\n- JDK 9 or higher\n- Apache Tomcat as the Servlet container\n- Packaged as WAR\n- `spring-webmvc` or `spring-webflux` dependency\n\n## Patches\n\n- Spring Framework [5.3.18](https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18) and [5.2.20](https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE)\n- Spring Boot [2.6.6](https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6) and [2.5.12](https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12)\n\n## Workarounds\n\nFor those who are unable to upgrade, leaked reports recommend setting `disallowedFields` on `WebDataBinder` through an `@ControllerAdvice`. This works generally, but as a centrally applied workaround fix, may leave some loopholes, in particular if a controller sets `disallowedFields` locally through its own `@InitBinder` method, which overrides the global setting.\n\nTo apply the workaround in a more fail-safe way, applications could extend `RequestMappingHandlerAdapter` to update the `WebDataBinder` at the end after all other initialization. In order to do that, a Spring Boot application can declare a `WebMvcRegistrations` bean (Spring MVC) or a `WebFluxRegistrations` bean (Spring WebFlux).\n\ud83d\udccf Published: 2022-03-31T18:30:50Z\n\ud83d\udccf Modified: 2025-01-29T18:38:36Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2022-22965\n2. https://github.com/spring-projects/spring-framework/commit/002546b3e4b8d791ea6acccb81eb3168f51abb15\n3. https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf\n4. https://github.com/spring-projects/spring-boot/releases/tag/v2.5.12\n5. https://github.com/spring-projects/spring-boot/releases/tag/v2.6.6\n6. https://github.com/spring-projects/spring-framework\n7. https://github.com/spring-projects/spring-framework/releases/tag/v5.2.20.RELEASE\n8. https://github.com/spring-projects/spring-framework/releases/tag/v5.3.18\n9. https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\n10. https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement\n11. https://tanzu.vmware.com/security/cve-2022-22965\n12. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67\n13. https://www.kb.cert.org/vuls/id/970766\n14. https://www.oracle.com/security-alerts/cpuapr2022.html\n15. https://www.oracle.com/security-alerts/cpujul2022.html\n16. http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html\n17. http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html", "creation_timestamp": "2025-01-29T19:11:20.000000Z"}, {"uuid": "61442efe-f83d-4732-a6fa-83812ea8c938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-25)", "content": "", "creation_timestamp": "2026-04-25T00:00:00.000000Z"}, {"uuid": "fca51ed9-cde3-4646-8f69-a799577f81bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "833dea86-4e64-41d0-bc3f-79a5d315a471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/42375", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1a\u6f0f\u6d1e\u5229\u7528\n\u63cf\u8ff0\uff1a\uff08CVE-2022-22965\uff09PoC \u5e94\u7528\u7a0b\u5e8f\u548c\u6f0f\u6d1e\u5229\u7528\nURL\uff1ahttps://github.com/ZapcoMan/spring4shell-vulnerable-application\n\n\u6807\u7b7e\uff1a#\u6f0f\u6d1e\u5229\u7528", "creation_timestamp": "2025-06-29T14:35:27.000000Z"}, {"uuid": "bd4c3453-4608-4446-a0fa-0a766def4fde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/WYCMWoQh2a8amWFDZuRYNc5-yqtRSMnumOB0fqqFRkWeIok", "content": "", "creation_timestamp": "2025-10-13T09:00:05.000000Z"}, {"uuid": "ca0e19f0-2fdf-4611-b567-8654276c227b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/7-7SqtMFm30y0jLp6y5GamPMKqVSRatpdn_1oTPkVR9xVFo", "content": "", "creation_timestamp": "2025-10-19T15:00:07.000000Z"}, {"uuid": "05f3b9fa-fd25-4a97-bda8-81a8178bd017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1313", "content": "CVE-2022-22965 - vulnerable app and PoC\nhttps://github.com/DDuarte/springshell-rce-poc\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-14T09:02:29.000000Z"}, {"uuid": "225d7f51-ae27-463d-9d18-a7f6200990a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/3069", "content": "\u041d\u0435\u0434\u0435\u043b\u044f \u043c\u0435\u0441\u044f\u0446 Spring4Shell \u043e\u0431\u044a\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c\n\nTL;DR\u200b\nTwo RCEs exist and three vectors are being discussed online (one of which is not known to be remotely exploitable).\n\n- Confirmed: \"Spring4Shell\" in Spring Core that has been confirmed by several sources that leverages class injection (very severe),\n- Confirmed: CVE-2022-22963 in Spring Cloud Function (less severe),\n- Unconfirmed: A third weakness that was initially discussed as allowing RCE via Deserialization, but isn't exploitable (not severe currently).\n. . .\nOverview of Vulnerabilities\u200b\n- Spring4Shell: An confirmed RCE in Spring Core <=5.3.17. We're investigating this currently.\n- CVE-2022-22963: A confirmed RCE in Spring Cloud Function (<=3.1.6 and <=3.2.2).\n- An unconfirmed deserialization weakness in Spring Core that could lead to an RCE. (Spring Core <=5.3.17)\n\nSpring4Shell: Security Analysis of the latest Java RCE '0-day' vulnerabilities in Spring\nhttps://www.lunasec.io/docs/blog/spring-rce-vulnerabilities", "creation_timestamp": "2022-03-31T06:09:56.000000Z"}, {"uuid": "9ea51bbe-b845-48a8-8db0-cfe99b73f14d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/3068", "content": "\u041e\u043f\u044f\u0442\u044c \"\u0437\u0435\u0440\u043e\u0434\u0435\u0438\" \u0432 Java \u043f\u043e\u0434\u044a\u0435\u0445\u0430\u043b\u0438. \u0412\u043f\u0440\u043e\u0447\u0435\u043c \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u043e\u0432\u043e\u0433\u043e.\n\nAs we have already reported the unconfirmed critical vulnerability in the Spring core, leads to remote code execution. We named the vulnerability Spring4Shell because this is something like Log4Shell, actually it is more effective than Log4Shell. \n\nSpring4Shell Details and Exploit code leaked\nhttps://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html\n+\nPoC\nhttps://github.com/dinosn/CVE-2022-22963/blob/main/poc.py", "creation_timestamp": "2022-03-30T21:49:13.000000Z"}, {"uuid": "879fbefb-75a1-4235-a7e5-348c08dd4239", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2334", "content": "#\u041f\u041e #CVE #POC\n\nSpring4Shell PoC Application\nCVE-2022-22965\n\n\u042d\u0442\u043e \u0434\u043e\u043a\u0435\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u043a Spring4Shell. \u041f\u043e\u043b\u043d\u044b\u0439 Java-\u0438\u0441\u0445\u043e\u0434\u043d\u0438\u043a \u0434\u043b\u044f WAR \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0437\u043c\u0435\u043d\u0435\u043d, WAR \u0431\u0443\u0434\u0435\u0442 \u043f\u0435\u0440\u0435\u0441\u043e\u0431\u0438\u0440\u0430\u0442\u044c\u0441\u044f \u043a\u0430\u0436\u0434\u044b\u0439 \u0440\u0430\u0437, \u043a\u043e\u0433\u0434\u0430 \u0441\u043e\u0431\u0438\u0440\u0430\u0435\u0442\u0441\u044f \u043e\u0431\u0440\u0430\u0437 \u0434\u043e\u043a\u0435\u0440\u0430. \u0421\u043e\u0431\u0440\u0430\u043d\u043d\u044b\u0439 WAR \u0431\u0443\u0434\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d Tomcat.", "creation_timestamp": "2022-08-22T13:00:04.000000Z"}, {"uuid": "995ed714-cf8d-43ef-bd75-8c9d9241a9c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/324", "content": "This is a dockerized application that is vulnerable (https://www.kitploit.com/search/label/Vulnerable) to the Spring4Shell vulnerability (https://www.kitploit.com/search/label/Vulnerability) (CVE-2022-22965). Full Java source for the war is provided and modifiable, the war will get re-built whenever the docker image is built. The built WAR will then be loaded by Tomcat. There is nothing special about this application, it's a simple hello world that's based off Spring tutorials (https://spring.io/guides/gs/handling-form-submission/).  Details: https://www.lunasec.io/docs/blog/spring-rce-vulnerabilitiesHaving issues with the POC? Check out the LunaSec fork at: https://github.com/lunasec-io/Spring4Shell-POC, it's more actively maintained.  Requirements    Docker  Python3 + requests library    Instructions    Clone the repository  Build and run the container: docker build . -t spring4shell && docker run -p 8080:8080 spring4shell  App should now be available at http://localhost:8080/helloworld/greeting", "creation_timestamp": "2022-05-10T13:51:22.000000Z"}, {"uuid": "f258a85f-0c27-482a-afb0-ad7bd0e75301", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/322", "content": "Spring4Shell-POC - Dockerized Spring4Shell (CVE-2022-22965) PoC Application And Exploit\nhttp://www.kitploit.com/2022/05/spring4shell-poc-dockerized.html", "creation_timestamp": "2022-05-10T13:51:24.000000Z"}, {"uuid": "5aaf9059-428d-40ab-be00-d4d29ab0821b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1280", "content": "Safer PoC CVE-2022-22965\nA Safer PoC for CVE-2022-22965 (Spring4Shell)\n\u0424\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c:\n- \u0421\u043e\u0437\u0434\u0430\u0435\u0442 \u0444\u0430\u0439\u043b \u0441 \u0438\u043c\u0435\u043d\u0435\u043c CVE_2022-22965_exploited.txt \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 tomcat \u00abwebapps/ROOT\u00bb.\n- \u041e\u043f\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432\u044b\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430\n- \u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 .txt, \u0432 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432\u0430\u0448\u0435\u0433\u043e tomcat \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0440\u0443\u0447\u043d\u0443\u044e.\n- \u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u043c\u043e\u0433\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430; \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u044e\u0442 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443 \u043e\u0448\u0438\u0431\u043a\u0438 \u0441 HTTP-\u0441\u0442\u0430\u0442\u0443\u0441\u043e\u043c 200\nhttps://github.com/colincowie/Safer_PoC_CVE-2022-22965\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-11T11:00:18.000000Z"}, {"uuid": "d246e9eb-5053-4264-9024-178bf6019237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/poxek/2213", "content": "Exploit for Code Injection in Vmware Spring Framework CVE-2022-22965\n\n\u041f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 Spring MVC \u0438\u043b\u0438 Spring WebFlux, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0435 \u043d\u0430 JDK 9+, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (RCE) \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u0438\u0432\u044f\u0437\u043a\u0443 \u0434\u0430\u043d\u043d\u044b\u0445. \u041a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0442\u0440\u0435\u0431\u0443\u0435\u0442, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u043e \u043d\u0430 Tomcat \u0432 \u0432\u0438\u0434\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f WAR. \u0415\u0441\u043b\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u043e \u043a\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 jar Spring Boot, \u0442.\u0435. \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u043e\u043d\u043e \u043d\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430. \u041e\u0434\u043d\u0430\u043a\u043e \u043f\u0440\u0438\u0440\u043e\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u043e\u043b\u0435\u0435 \u043e\u0431\u0449\u0430\u044f, \u0438 \u043c\u043e\u0433\u0443\u0442 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0435\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f.", "creation_timestamp": "2022-08-13T21:01:28.000000Z"}, {"uuid": "f62fa4c3-e440-40be-b49c-2980c6ac3a64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1301", "content": "CVE-2022-22965 - vulnerable app and PoC\nhttps://github.com/DDuarte/springshell-rce-poc\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-04-13T07:01:06.000000Z"}, {"uuid": "ae17f6ad-918f-499a-b6f9-afb13c72badb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/poxek/2530", "content": "CVE-2022-22965 aka Spring4Shell\n\n\u0412 \u043a\u043e\u043d\u0446\u0435 \u043c\u0430\u0440\u0442\u0430 2022 \u0433\u043e\u0434\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434  (RCE) \u0432 Java Spring Framework. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0432\u0435\u0431\u0448\u0435\u043b\u043b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440, \u0434\u043e\u0431\u0438\u0432\u0430\u044f\u0441\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435\n\n#\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c  #CVE \n\nCORS | E7 SUBSCRIBE", "creation_timestamp": "2022-10-17T15:19:52.000000Z"}, {"uuid": "5c81e0c2-b388-4483-9702-dcbafc3d8076", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6570", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1a\u4e00\u6b3eSpring\u7efc\u5408\u6f0f\u6d1e\u7684\u5229\u7528\u5de5\u5177\uff0c\u5de5\u5177\u76ee\u524d\u652f\u6301Spring Cloud Gateway RCE(CVE-2022-22947)\u3001Spring Framework RCE (CVE-2022-22965) \u7684\u68c0\u6d4b\u4ee5\u53ca\u5229\u7528\uff0c\u76ee\u524d\u4ec5\u4e3a\u7b2c\u4e00\u4e2a\u7248\u672c\uff0c\u540e\u7eed\u4f1a\u6dfb\u52a0\u66f4\u591a\u6f0f\u6d1ePOC\uff0c\u4ee5\u53ca\u66f4\u591a\u7684\u6301\u4e45\u5316\u5229\u7528\u65b9\u5f0f\nURL\uff1ahttps://github.com/charonlight/SpringExploitGUI\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-02-06T09:03:50.000000Z"}, {"uuid": "43dafc2e-657a-411d-a892-6011d8f9281c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/monkey_hacker/28", "content": "\u0420\u0430\u043d\u043e\u0432\u0430\u0442\u043e, \u043d\u043e \u0442\u0430\u043a\u0438 \u0434\u0430\n\u0422\u041e\u041f 10 \u0438\u0437 2022\n\n1. Follina (CVE-2022-30190)\n2. Log4Shell (CVE-2021-44228)\n3. Spring4Shell (CVE-2022-22965)\n4. F5 BIG-IP (CVE-2022-1388)\n5. Google Chrome zero-day (CVE-2022-0609)\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882)\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040)\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352)\n9. Atlassian Confluence RCE flaw (CVE-2022-26134)\n10. Zyxel RCE vulnerability (CVE-2022-30525)", "creation_timestamp": "2022-11-29T07:00:36.000000Z"}, {"uuid": "ef6dde3b-4435-4519-a20c-f6980d30f045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/purple_medved/147", "content": "Netlas CookBook\n\n\u042f \u0443\u0436\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0437 \u043f\u0438\u0441\u0430\u043b \u043f\u0440\u043e Netlas, \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0440\u0435\u0431\u044f\u0442\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0433\u0430\u0439\u0434 \u043a\u0430\u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u043c \u043d\u0430 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u043f\u0440\u0438\u043c\u0435\u0440\u0430\u0445, \u0441\u0438\u043d\u0442\u0430\u043a\u0441\u0438\u0441 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0441\u043a\u0440\u0438\u043f\u0442\u044b \u0434\u043b\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u0434\u0440\u0443\u0433\u043e\u0435 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0435.\n\n\u0418\u0437 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0433\u043e \u0434\u043b\u044f \u0441\u0435\u0431\u044f \u0432\u044b\u0434\u0435\u043b\u0438\u043b:\nPentest\nSearch subdomains - netlas search \"domain:*.github.com OR host:*.github.com\" -f json\nSearch for sites with specific vulnerabilities - netlas search \"cve.name:CVE-2022-22965\" -f json\nSearch for sites with vulnerabilities that contain a certain word in their descriptions - netlas search \"cve.description:weblogic AND cve.has_exploit:true\" -f json\nSearch by server http header - netlas search 'http.headers.server:\"yawcam\"' -f json\nSearch servers with CVEs by favicon hash - netlas search \"http.favicon.hash_sha256:ebaaed8ab7c21856f888117edaf342f6bc10335106ed907f95787b69878d9d9e\" -f json\nSearch servers with CVEs by tag name - netlas search 'tag.name:\"adobe_coldfusion\"' -f json\nSearch vulnerable servers and devices near you (or any other location) - geo.city:London AND cve:*\nSearch for login/admin panels - http.title:admin http.title:panel\nSearch for vulnerable database admin panels - http.title:(phpPgAdmin OR pgadmin) cve:*\nSearch for sites vulnerable to SQL injection - netlas search \"http.body:mysql_fetch_array http.body:warning\" -f json\n\nOSINT\nSearch person's nickname or email in WHOIS contacts - netlas search \"whois.related_nets.contacts.emails:sweetwater*\" -f json\nSearch person's nickname or email in title and body of web page - netlas search \"http.title:sweetwater OR http.body:sweetwater\" -f json\nSearch links to \"juicy info files\" on subdomains of the company's website - netlas search \"uri:*lidl.* AND http.body:pdf\"\nPhone number mentions search - netlas search \"http.body:1?234?567?89?99 OR http.body:12345678999 OR http.body:1234?5678?999\" -f json\nSearch file mentions (looking for content that may be infringing on copyrights) - netlas search \"(http.title:alla OR http.body:alla) AND http.body:*.mp3\" -f json\nDomain WHOIS information gathering - netlas host github.com -f json\nSearch by FTP server's banners text - netlas search 'ftp.banner:\"Collado\"' -f json\nSearch for contact information in SSL certificates - netlas search \"certificate.issuer.street_address:*mcgill*\" -f json\nUsing Netlas as an alternative to the WayBack Machine - http.title:\"github.com\"\nSearch related websites - http.body:UA-23870775\n\nCrypto Investigations\nSearch mining farms - http.headers.www_authenticate:XMR-Stak-Miner\nSearch for websites infected with cryptominers - netlas search \"http.body:coinhive.min.js domain:*\"\nSearch vulnerable Bitcoin nodes - netlas search \"port:8333 cve:*\"\n\n#netlas #assets_management #subdomains_enum", "creation_timestamp": "2023-11-09T13:13:12.000000Z"}, {"uuid": "8f67f801-173a-489a-9390-c8046a3c1e90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://t.me/package_security/17", "content": "\u200b\ud83c\udfc6 \u0418\u0442\u043e\u0433\u0438 \u0433\u043e\u0434\u0430\n\n\u041d\u0430\u0441\u0442\u0430\u043b\u043e \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c \u043e \u0440\u0430\u0431\u043e\u0447\u0435\u043c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u0435.\n2\u043a22 \u0433\u043e\u0434 \u043d\u0430\u043a\u043e\u043d\u0435\u0446-\u0442\u043e \u043f\u043e\u0434\u0445\u043e\u0434\u0438\u0442 \u043a \u043a\u043e\u043d\u0446\u0443, \u0430 \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442, \u0447\u0442\u043e \u043f\u043e\u0440\u0430 \u043f\u043e\u0434\u0432\u043e\u0434\u0438\u0442\u044c \u0438\u0442\u043e\u0433\u0438.\n\n\u0423 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u043e\u0432, \u043a\u0430\u043a \u0438 \u0432\u0441\u0435\u0433\u0434\u0430, \u0438\u0442\u043e\u0433\u0438 \u0441\u0432\u043e\u0438. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0434\u0435\u0440\u0436\u0438\u0442\u0435 \u0422\u041e\u041f-10 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 2022 \u0433\u043e\u0434\u0443 \u043f\u043e \u0432\u0435\u0440\u0441\u0438\u0438 Cyber Threat Intelligence:\n\n1. Follina (CVE-2022-30190) \n\n2. Log4Shell (CVE-2021-44228) \n\n3. Spring4Shell (CVE-2022-22965) \n\n4. F5 BIG-IP (CVE-2022-1388) \n\n5. Google Chrome zero-day (CVE-2022-0609) \n\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882) \n\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040) \n\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352) \n\n9. Atlassian Confluence RCE flaw (CVE-2022-26134) \n\n10. Zyxel RCE vulnerability (CVE-2022-30525)\n\n\u0411\u0443\u0434\u044c\u0442\u0435 \u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u044b, \u0431\u0435\u0440\u0435\u0433\u0438\u0442\u0435 \u0441\u0435\u0431\u044f \u0438 \u0432\u0430\u0448\u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\nP.S. \u041d\u0438\u0436\u0435 \u0435\u0441\u0442\u044c \u043f\u0438\u043a\u0447\u0430 \u0441 \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u044b\u043c\u0438 \u0438\u043a\u043e\u043d\u043a\u0430\u043c\u0438\n\n#\u041f\u043e\u043b\u0435\u0437\u043d\u043e\u0435\n\n\u041f\u0430\u043a\u0435\u0442 \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438", "creation_timestamp": "2022-12-16T15:56:36.000000Z"}, {"uuid": "febf5323-cade-4b33-997a-4b7944e6cedf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1765", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring4Shell - Spring Core RCE - CVE-2022-22965\nURL\uff1ahttps://github.com/mebibite/springhound\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T00:51:08.000000Z"}, {"uuid": "e399f0e6-58e1-4407-90b2-b4c0c8b45fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1847", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aIntentionally vulnerable Spring app to test CVE-2022-22965\nURL\uff1ahttps://github.com/fracturelabs/spring4shell_victim\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-04T14:04:15.000000Z"}, {"uuid": "fb6204c9-7a88-4b57-96c0-930ac1bef8eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1841", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aNmap Spring4Shell NSE script for Spring Boot RCE (CVE-2022-22965) \nURL\uff1ahttps://github.com/gpiechnik2/nmap-spring4shell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-04T05:25:16.000000Z"}, {"uuid": "2568dc44-8fa5-4403-b9e0-db342084cc1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1958", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aspring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963\nURL\uff1ahttps://github.com/hktalent/spring-spel-0day-poc\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-15T16:44:46.000000Z"}, {"uuid": "ef0d6671-ff34-495e-9b02-0fba89a4e192", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2356", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPython script to exploit CVE-2022-22954 and then exploit CVE-2022-22960\nURL\uff1ahttps://github.com/Chocapikk/CVE-2022-22954\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-01T19:38:01.000000Z"}, {"uuid": "37f62d08-c58b-4cf3-9387-26cf1c2742ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "Telegram/cJEcDU9cf4Dk8Ba7quvMkUZfv4A1JE3RWzAD-VOFLtw7nw", "content": "", "creation_timestamp": "2023-11-02T15:04:03.000000Z"}, {"uuid": "65b1e5a4-25ba-4507-b039-4e29b6bceae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/7uMgWpHzIXHq-VKY85VruH5IgcO7HESNbhCEg894JKVdBb8", "content": "", "creation_timestamp": "2025-06-28T15:00:05.000000Z"}, {"uuid": "72723574-bd29-4502-96ab-884f553c285a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22968", "type": "seen", "source": "https://t.me/cvedetector/8293", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38820 - Apache Struts Case Insensitive Validation Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38820 \nPublished : Oct. 18, 2024, 6:15 a.m. | 40\u00a0minutes ago \nDescription : The fix for CVE-2022-22968 made disallowedFields\u00a0patterns in DataBinder\u00a0case insensitive. However, String.toLowerCase()\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected. \nSeverity: 3.1 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-18T09:23:24.000000Z"}, {"uuid": "9ed11764-1a62-4c79-aa1a-6e4a883379b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/cJEcDU9cf4Dk8Ba7quvMkUZfv4A1JE3RWzAD-VOFLtw7nw", "content": "", "creation_timestamp": "2023-11-02T15:04:03.000000Z"}, {"uuid": "83dd41db-f396-41d5-9f88-eceec4499d28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/ctinow/49690", "content": "SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965\n\nhttps://ift.tt/rIi4Ome", "creation_timestamp": "2022-04-05T03:16:14.000000Z"}, {"uuid": "cb1ba174-1af8-4ab2-b0f3-80d295fb4f0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/ctinow/49944", "content": "CVE-2022-22965: Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware\n\nhttps://ift.tt/gLyOosX", "creation_timestamp": "2022-04-08T11:06:51.000000Z"}, {"uuid": "457683b4-b304-4809-85c6-ef9e79da2018", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/ctinow/50545", "content": "Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners\n\nhttps://ift.tt/7KY2l01", "creation_timestamp": "2022-04-20T17:06:47.000000Z"}, {"uuid": "96b667b4-b6a5-48ce-b6fb-91eecad4e918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://t.me/ctinow/50527", "content": "Spring4Shell Vulnerability CVE-2022-22965 Exploited to Deploy Cryptocurrency Miners\n\nhttps://ift.tt/7KY2l01", "creation_timestamp": "2022-04-20T13:46:52.000000Z"}, {"uuid": "ec0f0b00-df51-4c13-8116-c1c4fa3e85c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/ctinow/49662", "content": "Spring4Shell (CVE-2022-22965): details and mitigations\n\nhttps://ift.tt/JZjNE2p", "creation_timestamp": "2022-04-04T17:41:32.000000Z"}, {"uuid": "dcd8a7f2-b77b-45f7-9e67-c4614f93ae59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/ctinow/49661", "content": "Spring4Shell (CVE-2022-22965): details and mitigations\n\nhttps://ift.tt/JZjNE2p", "creation_timestamp": "2022-04-04T17:37:02.000000Z"}, {"uuid": "dff7c680-8862-464a-bc5f-896135b75047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "Telegram/V7m6dyWJdYDSJe7SKroRfeJFuGytvG7wnZqZe-y0JOsicXA", "content": "", "creation_timestamp": "2023-03-20T18:22:35.000000Z"}, {"uuid": "40efd127-fd0b-490d-acf5-77b2ca1f9704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "Telegram/zQEct_B6_afl0ZrnDAVic-SCcczOhA723w0bBoq0o0P4", "content": "", "creation_timestamp": "2023-11-09T15:15:24.000000Z"}, {"uuid": "58176737-51e0-4c9d-8c50-850ab0e8641a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "Telegram/Al5s1pu9DlCNMnH7rJt2q5NFKP_tt6i0TJLpRuR3HfdnDhA", "content": "", "creation_timestamp": "2022-12-05T04:24:48.000000Z"}, {"uuid": "b842ee8b-e3fd-470b-9128-c1d6bb086e91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/KY4PVd45dzhnz_l3x8aBIZwbkHWB1w1Cp1_7dnD8vo88jQ", "content": "", "creation_timestamp": "2023-11-20T04:04:42.000000Z"}, {"uuid": "669ac4a9-3d02-4ff7-b636-142686ef5618", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "Telegram/KY4PVd45dzhnz_l3x8aBIZwbkHWB1w1Cp1_7dnD8vo88jQ", "content": "", "creation_timestamp": "2023-11-20T04:04:42.000000Z"}, {"uuid": "e4243429-dd03-4d69-b8a2-1437ac44e4e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/pt_soft/270", "content": "\ud83d\uddbc\ufe0f \ud83d\udd04 Moriarty v1.2\n\n\u0427\u0435\u043a\u0435\u0440 CVEs \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 C# \u0434\u043b\u044f \u041e\u0421 \ud83c\udfe0 Windows\n\n\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\nWindows 10 (Versions: 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004, 20H2, 21H1, 21H2, 22H1, 22H2)\nWindows 11 (Versions: 21H2, 22H1, 22H2, 23H1)\nWindows Server 2016, 2019, 2022\n\n\u0421\u043f\u0438\u0441\u043e\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (35):\nMS10-015\nMS10-092\nMS13-053\nMS13-081\nMS14-058\nMS15-051\nMS15-078\nMS16-016\nMS16-032\nMS16-034\nMS16-135\nCVE-2017-7199\nCVE-2019-0836\nCVE-2019-0836\nCVE-2019-1064\nCVE-2019-1130\nCVE-2019-1253\nCVE-2019-1315\nCVE-2019-1385\nCVE-2019-1388\nCVE-2019-1405\nCVE-2020-0668\nCVE-2020-0683\nCVE-2020-0796\nCVE-2020-1013\nCVE-2020-1013\nCVE-2021-26855\nCVE-2021-26857\nCVE-2021-26858\nCVE-2021-27065\nCVE-2021-44228\nCVE-2021-36934\nCVE-2022-40140\nCVE-2022-22965\nCVE-2023-36664\n\n1.2 added:\n2023-23397\n2022-34718\n\n\ud83d\udc49 \u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u043e\u0442 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432 \u043f\u043e CVE\n\n!poc CVE-2019-1064\n\n\ud83d\udcbb Home\n\n\u0414\u043b\u044f \u0441\u0431\u043e\u0440\u043a\u0438 \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u0438\u0442\u0441\u044f Visual Studio \u0438 .NET Framework 4.8 Developer Pack\n\n#moriarty #checker #csharp\n\n\u2708\ufe0f // Pentest HaT \ud83c\udfa9", "creation_timestamp": "2024-05-03T09:04:40.000000Z"}, {"uuid": "fa0708f8-750a-4491-afff-4a9f13ca59cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/pt_soft/243", "content": "\ud83d\uddbc\ufe0f Moriarty v1.1\n\n\u0427\u0435\u043a\u0435\u0440 CVEs \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 C# \u0434\u043b\u044f \u041e\u0421 \ud83c\udfe0 Windows\n\n\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\nWindows 10 (Versions: 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004, 20H2, 21H1, 21H2, 22H1, 22H2)\nWindows 11 (Versions: 21H2, 22H1, 22H2, 23H1)\nWindows Server 2016, 2019, 2022\n\n\u0421\u043f\u0438\u0441\u043e\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (35):\nMS10-015\nMS10-092\nMS13-053\nMS13-081\nMS14-058\nMS15-051\nMS15-078\nMS16-016\nMS16-032\nMS16-034\nMS16-135\nCVE-2017-7199\nCVE-2019-0836\nCVE-2019-0836\nCVE-2019-1064\nCVE-2019-1130\nCVE-2019-1253\nCVE-2019-1315\nCVE-2019-1385\nCVE-2019-1388\nCVE-2019-1405\nCVE-2020-0668\nCVE-2020-0683\nCVE-2020-0796\nCVE-2020-1013\nCVE-2020-1013\nCVE-2021-26855\nCVE-2021-26857\nCVE-2021-26858\nCVE-2021-27065\nCVE-2021-44228\nCVE-2021-36934\nCVE-2022-40140\nCVE-2022-22965\nCVE-2023-36664\n\n\ud83d\udc49 \u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u043e\u0442 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432 \u043f\u043e CVE\n\n!poc CVE-2019-1064\n\n\ud83d\udcbb Home\n\n\u0414\u043b\u044f \u0441\u0431\u043e\u0440\u043a\u0438 \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u0438\u0442\u0441\u044f Visual Studio \u0438 .NET Framework 4.8 Developer Pack\n\n#moriarty #checker #csharp\n\n\u2708\ufe0f // Pentest HaT \ud83c\udfa9", "creation_timestamp": "2024-03-15T08:58:02.000000Z"}, {"uuid": "46480259-1143-4e9b-b616-c37948ec98bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/6uuFptL0AU_OXfQ4jiWecY6X8pi_-oVvCdmHzfgcM_ivtPc", "content": "", "creation_timestamp": "2025-01-07T06:50:33.000000Z"}, {"uuid": "364555ea-224a-437f-a758-04a7eef51e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/arpsyndicate/154", "content": "#ExploitObserverAlert\n\nCVE-2022-22965\n\nDESCRIPTION: Exploit Observer has 359 entries related to CVE-2022-22965. A Spring MVC or Spring WebFlux application running on JDK 9  may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.\n\nFIRST-EPSS: 0.975020000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-13T06:33:24.000000Z"}, {"uuid": "d84bdba9-bc9b-4d44-a97a-781629b06bb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/arpsyndicate/907", "content": "#ExploitObserverAlert\n\nCVE-2022-22965\n\nDESCRIPTION: Exploit Observer has 363 entries related to CVE-2022-22965. A Spring MVC or Spring WebFlux application running on JDK 9  may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.\n\nFIRST-EPSS: 0.974510000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-03T00:54:09.000000Z"}, {"uuid": "062295c6-fcf1-4d18-a9f8-aace72eedff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/ShizoPrivacy/204", "content": "vx-underground\n\u043f\u0430\u0440\u043e\u043b\u044c: infected\npassword: infected", "creation_timestamp": "2022-03-31T22:40:58.000000Z"}, {"uuid": "3a8c13d5-67d5-4b71-b2d4-9e84942281d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "seen", "source": "https://t.me/arpsyndicate/1405", "content": "#ExploitObserverAlert\n\nCVE-2022-22960\n\nDESCRIPTION: Exploit Observer has 12 entries related to CVE-2022-22960. VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.\n\nFIRST-EPSS: 0.000780000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-05T05:57:03.000000Z"}, {"uuid": "53db0f93-bcdd-472e-8c49-8ab546ee6035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/ShizoPrivacy/203", "content": "|CVE-2022-22963|\n\ud83d\udd25Spring4Shell.\n\ud83d\udca5CVSS:9.0\nrce 0-day exploit found-in spring cloud\nspring4shellFAQ\nSpring4Shell scan\nPoCApp\n\nA critical security vulnerability has bloomed in the Spring Cloud Function, which could lead to remote code execution (RCE) and the compromise of an entire internet-connected host.\n\n\u041f\u043e\u043a\u0430 \u0447\u0442\u043e \u043e\u0442 Spring \u043d\u0435\u0442  \u0433\u043e\u0442\u043e\u0432\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430, \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043c\u0435\u0440\u044b \u0441\u043e\u0432\u0435\u0442\u0443\u044e\u0442 \u043f\u043e\u043d\u0438\u0437\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e jdk.\n\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u044e \u0430\u0440\u0445\u0438\u0432 \u043e\u0442 vx-underground \u043d\u0438\u0436\u0435.\n\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043f\u0430\u0442\u0447, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442\u0441\u044f.\n\nSo far, there is no ready-made patch from Spring, as a temporary measure, it is advised to downgrade the jdk version.\nI attach the archive from vx-underground below.\nLink to the patch , which is currently being developed.\n\nThe exploit is easy to execute using the curl command:\ncurl -i -s -k -X $\u2019POST\u2019 -H $\u2019Host: 192.168.1.2:8080\u2032 -H $\u2019spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec(\\\u201dtouch /tmp/test\u201d)\u2019 \u2013data-binary $\u2019exploit_poc\u2019 $\u2019http://192.168.1.2:8080/functionRouter\u2019\n#cve #exploit", "creation_timestamp": "2022-04-14T01:24:45.000000Z"}, {"uuid": "87bdbcc5-3e0b-431e-a573-89fb5251bf0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/gK2RrbPVq5WKWqo6KBx6xshJNMtGXFgsdrpvJzEqhcsPpnE", "content": "", "creation_timestamp": "2025-02-03T16:00:09.000000Z"}, {"uuid": "48793a93-7abe-41b2-bca9-c07bfa2900ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3510", "content": "https://github.com/sule01u/SBSCAN\n\nspring Penetration testing framework support\nCVE-2018-1273\nCVE-2019-3799\nCVE-2020-5410\nCVE-2022-22947\nCVE-2022-22963\nCVE-2022-22965", "creation_timestamp": "2023-11-03T08:19:51.000000Z"}, {"uuid": "6c1d9450-0a57-418c-84c5-89d71d6bce59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/ARC15INFO/301", "content": "New Spring Framework RCE  Vulnerability Confirmed - What to do?\n\nEarly Wednesday morning (GMT), allegations began to appear on the internet about a new remote code execution flaw that affects Spring Framework. This vulnerability, dubbed by some as \"Springshell\" in the community, is a new, previously unknown security vulnerability. It has been added to Sonatype data as SONATYPE-2022-1764 and given the designation CVE-2022-22965. Spring have acknowledged the vulnerability and released 5.3.18 and 5.2.20 to patch the issue. We recommend an immediate upgrade for all users.\n\nNOTE: A separate Spring vulnerability CVE-2022-22963 (High) disclosed a few days ago impacts Spring Cloud Function. This is a Spring Expression language SpEL vulnerability in Spring Cloud Function and is NOT related to \"Springshell\" that impacts Spring.\n\nhttps://blog.sonatype.com/new-0-day-spring-framework-vulnerability-confirmed\n\n\ud83d\udce1@cRyPtHoN_INFOSEC_FR\n\ud83d\udce1@cRyPtHoN_INFOSEC_EN\n\ud83d\udce1@cRyPtHoN_INFOSEC_DE\n\ud83d\udce1@BlackBox_Archiv", "creation_timestamp": "2024-08-29T06:23:17.000000Z"}, {"uuid": "1ce91e10-bcd7-4a5f-89a8-fc19aa492edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/ARC15INFO/301", "content": "New Spring Framework RCE  Vulnerability Confirmed - What to do?\n\nEarly Wednesday morning (GMT), allegations began to appear on the internet about a new remote code execution flaw that affects Spring Framework. This vulnerability, dubbed by some as \"Springshell\" in the community, is a new, previously unknown security vulnerability. It has been added to Sonatype data as SONATYPE-2022-1764 and given the designation CVE-2022-22965. Spring have acknowledged the vulnerability and released 5.3.18 and 5.2.20 to patch the issue. We recommend an immediate upgrade for all users.\n\nNOTE: A separate Spring vulnerability CVE-2022-22963 (High) disclosed a few days ago impacts Spring Cloud Function. This is a Spring Expression language SpEL vulnerability in Spring Cloud Function and is NOT related to \"Springshell\" that impacts Spring.\n\nhttps://blog.sonatype.com/new-0-day-spring-framework-vulnerability-confirmed\n\n\ud83d\udce1@cRyPtHoN_INFOSEC_FR\n\ud83d\udce1@cRyPtHoN_INFOSEC_EN\n\ud83d\udce1@cRyPtHoN_INFOSEC_DE\n\ud83d\udce1@BlackBox_Archiv", "creation_timestamp": "2024-08-29T06:23:17.000000Z"}, {"uuid": "220fadef-4f28-4abc-8ff8-df12ceeb3433", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/ARC15INFO/331", "content": "Spring4Shell (CVE-2022-22965): details and mitigations.\n\nLast week researchers found the critical vulnerability CVE-2022-22965 in Spring \u2013 the open source Java framework. Using the vulnerability, an attacker can execute arbitrary code on a remote web server, which makes CVE-2022-22965 a critical threat, given the Spring framework\u2019s popularity. By analogy with the infamous Log4Shell threat, the vulnerability was named Spring4Shell.\n\nCVE-2022-22965 and CVE-2022-22963: technical details\n\nCVE-2022-22965 (Spring4Shell, SpringShell) is a vulnerability in the Spring Framework that uses data binding functionality to bind data stored within an HTTP request to certain objects used by an application. The bug exists in the getCachedIntrospectionResults method, which can be used to gain unauthorized access to such objects by passing their class names via an HTTP request.\n\nhttps://securelist.com/spring4shell-cve-2022-22965/106239/\n\n\ud83d\udce1@cRyPtHoN_INFOSEC_FR\n\ud83d\udce1@cRyPtHoN_INFOSEC_EN\n\ud83d\udce1@cRyPtHoN_INFOSEC_DE\n\ud83d\udce1@BlackBox_Archiv", "creation_timestamp": "2024-08-29T06:23:17.000000Z"}, {"uuid": "1e1be19e-fff7-4bb9-a8dd-b0c8323f0611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/ARC15INFO/331", "content": "Spring4Shell (CVE-2022-22965): details and mitigations.\n\nLast week researchers found the critical vulnerability CVE-2022-22965 in Spring \u2013 the open source Java framework. Using the vulnerability, an attacker can execute arbitrary code on a remote web server, which makes CVE-2022-22965 a critical threat, given the Spring framework\u2019s popularity. By analogy with the infamous Log4Shell threat, the vulnerability was named Spring4Shell.\n\nCVE-2022-22965 and CVE-2022-22963: technical details\n\nCVE-2022-22965 (Spring4Shell, SpringShell) is a vulnerability in the Spring Framework that uses data binding functionality to bind data stored within an HTTP request to certain objects used by an application. The bug exists in the getCachedIntrospectionResults method, which can be used to gain unauthorized access to such objects by passing their class names via an HTTP request.\n\nhttps://securelist.com/spring4shell-cve-2022-22965/106239/\n\n\ud83d\udce1@cRyPtHoN_INFOSEC_FR\n\ud83d\udce1@cRyPtHoN_INFOSEC_EN\n\ud83d\udce1@cRyPtHoN_INFOSEC_DE\n\ud83d\udce1@BlackBox_Archiv", "creation_timestamp": "2024-08-29T06:23:17.000000Z"}, {"uuid": "3cafba17-729b-43fc-84cf-f6e2a34e613b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3510", "content": "https://github.com/sule01u/SBSCAN\n\nspring Penetration testing framework support\nCVE-2018-1273\nCVE-2019-3799\nCVE-2020-5410\nCVE-2022-22947\nCVE-2022-22963\nCVE-2022-22965", "creation_timestamp": "2023-11-03T08:19:51.000000Z"}, {"uuid": "bcb0ac31-ac9a-40ed-ab1b-9c2f63a9d6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/eaglecyberwashere/63", "content": "Spring4Shell 0Day Exploit RCE\nCVE-2022-22965\n\nDetails: https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities\n\nRequirements:\n- Python3 + pip install requests\n\nCommand : \npython exploit.py --url \"http://site.com\"\n\nAcces shell :\nste.com//shell.jsp?cmd=id\n\nDownload : in comment\n\n#DontForgetToShare", "creation_timestamp": "2022-12-22T17:52:36.000000Z"}, {"uuid": "0197fa2c-7822-43f7-867c-63ffc7d9824d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/BABATATASASA/7356", "content": "Spring4Shell (CVE-2022-22965): Are you vulnerable to this Zero Day? - Securin\nhttps://www.securin.io/articles/spring4shell-the-next-log4j/", "creation_timestamp": "2025-02-20T21:57:00.000000Z"}, {"uuid": "fdc846f5-65fb-46cd-bb7f-91eb2335a3bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/Redscriptteam/3962", "content": "RCE graphical GUI one-click exploitation tool\n\nhttps://github.com/zangcc/CVE-2022-22965-rexbb\nCVE-2022-22965\\Spring-Core-\n\nPrivate: @vpn809", "creation_timestamp": "2023-09-29T17:25:40.000000Z"}, {"uuid": "f2e58274-2be3-4a33-9020-c82a87071d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/11398", "content": "https://github.com/darryk10/CVE-2022-22963", "creation_timestamp": "2022-03-31T14:14:34.000000Z"}, {"uuid": "82a338ab-4d81-442f-a1fb-66cdb8fec9da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/RESOLUTEATTACK/303", "content": "CVE-2022-22965 aka Spring4Shell\n\n\u0412 \u043a\u043e\u043d\u0446\u0435 \u043c\u0430\u0440\u0442\u0430 2022 \u0433\u043e\u0434\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434  (RCE) \u0432 Java Spring Framework. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0432\u0435\u0431\u0448\u0435\u043b\u043b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440, \u0434\u043e\u0431\u0438\u0432\u0430\u044f\u0441\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435\n\n#\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438  #CVE \n\nCORS | E7 SUBSCRIBE", "creation_timestamp": "2023-01-05T21:50:44.000000Z"}, {"uuid": "d43cc124-a30d-4b8e-9a8a-8bed1d04047e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/108", "content": "CVE-2022-22965 : Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware\nhttps://www.trendmicro.com/en_us/research/22/d/cve-2022-22965-analyzing-the-exploitation-of-spring4shell-vulner.html", "creation_timestamp": "2022-04-11T16:45:24.000000Z"}, {"uuid": "4de15735-3545-43f0-bc2d-19ed91e6934b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/qxbEBfVMGrP2q6iErZM22aABSaMWHKEFbtXSfHnHNnS0JZo", "content": "", "creation_timestamp": "2022-04-07T05:01:17.000000Z"}, {"uuid": "417174f0-d51e-4dc9-beb8-13cd45e3d6ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "Telegram/kmsYLGx21ItfIzCYH15walH70qRmNeNTmDtiFbw7JkzsEYY", "content": "", "creation_timestamp": "2022-04-06T04:53:44.000000Z"}, {"uuid": "b98856fa-693a-415c-a2de-01e64d54e099", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "Telegram/nNB8suzppNVgURXIHRoohy6GAgvNXUiO5vPYOSwWYBnSlSI", "content": "", "creation_timestamp": "2022-04-05T13:42:03.000000Z"}, {"uuid": "7d8b588e-24e5-4610-b338-f2089b9b947c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/763", "content": "Log4Shell ? NO\nSpring4Shell ? YES\nCVE-2022-22963  Spring Cloud Function Spel RCE  \nspring.cloud.function.routing-expression: T(java.lang.Runtime).getRuntime().exec(\"xcalc\")\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0434\u044b\u0440\u043a\u0438 - \u0442\u0443\u0442\nPOC -  \u0440\u0435\u0441\u0451\u0440\u0447\u0435\u0440\u044b POC \u0437\u0430\u0436\u0430\u043b\u0438, \u043d\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 \u0437\u0430\u0431\u043e\u0442\u043b\u0438\u0432\u043e \u043f\u0440\u0438\u0433\u043e\u0442\u043e\u0432\u0438\u043b\u0438)))", "creation_timestamp": "2022-03-30T16:35:25.000000Z"}, {"uuid": "b0bbf65a-a539-4d5f-9f7b-91bb3c349607", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/proxy_bar/1190", "content": "\u0420\u0430\u043d\u043e\u0432\u0430\u0442\u043e, \u043d\u043e \u0442\u0430\u043a\u0438 \u0434\u0430\n\u0422\u041e\u041f 10 \u0438\u0437 2022\n\n1. Follina (CVE-2022-30190)\n2. Log4Shell (CVE-2021-44228)\n3. Spring4Shell (CVE-2022-22965)\n4. F5 BIG-IP (CVE-2022-1388)\n5. Google Chrome zero-day (CVE-2022-0609)\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882)\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040)\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352)\n9. Atlassian Confluence RCE flaw (CVE-2022-26134)\n10. Zyxel RCE vulnerability (CVE-2022-30525)", "creation_timestamp": "2022-11-29T06:36:16.000000Z"}, {"uuid": "5167894f-7f60-45db-b1b1-3d6195ef88e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "Telegram/scnVkFfAGTbQlKqoB-no-oQI8cQLsl_kXBoyZPiIU-BtIvU", "content": "", "creation_timestamp": "2023-09-29T16:22:10.000000Z"}, {"uuid": "722e6b3d-b9dc-49a2-95a4-262f81ef0a6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "Telegram/8yasABRsBeQ7_fA7ekcVN5-Bf6YalSSK4RwFtvSF2nNKkrM", "content": "", "creation_timestamp": "2022-12-06T17:10:12.000000Z"}, {"uuid": "6b0f3c85-e020-46e2-ae26-1f83b5168ba0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL_Chat/11315", "content": "https://tanzu.vmware.com/security/cve-2022-22965", "creation_timestamp": "2022-03-31T17:11:31.000000Z"}, {"uuid": "2dfd9a3b-7bc1-4f71-9c47-ab69db414a38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1244", "content": "Spring4Shell and Spring Cloud RCE vulnerability Scanner\n\n#RCE #payloads #vulnerabilities #Spring4Shell #CVE-2022-22963\n#AttackSurfaceDiscovery #SpringCloud #vulnerability #Scanner\n#BugBounty #Hacking #security #Fuzzing #Exploit #Proxy #WAF\n\nhttps://reconshell.com/spring4shell-and-spring-cloud-rce-vulnerability-scanner/", "creation_timestamp": "2022-04-11T20:48:01.000000Z"}, {"uuid": "6907436d-dcad-4490-b385-721d70b9f168", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2296", "type": "seen", "source": "https://t.me/true_secator/3130", "content": "Google \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u044b\u0439 \u0437\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u0433\u043e\u0434 0-day \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Chrome.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f 103.0.5060.114 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0432 \u043a\u0430\u043d\u0430\u043b\u0435 Stable Desktop \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2022-2294, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0421\u043f\u0435\u0448\u043d\u043e \u0437\u0430\u043a\u0440\u044b\u0442\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u00a0\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u043a\u0443\u0447\u0438\u00a0\u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 WebRTC, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 01 \u0438\u044e\u043b\u044f \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u042f\u043d \u0412\u043e\u0439\u0442\u0435\u0441\u0435\u043a \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b Avast Threat Intelligence. \u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u0430\u0440\u044c\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0442 RCE \u0434\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a CVE-2022-2294 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Chrome \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b: CVE-2022-2295, \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0443 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 V8, \u0438 CVE-2022-2296, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 Chrome OS.\n\n\u0412 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 Chrome 103 (103.0.5060.71) \u0434\u043b\u044f Android \u0441\u043a\u043e\u0440\u043e \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0438 \u043d\u0430 Google Play.\n\n\u0414\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f\u043c \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u043e\u0440\u0433\u0430\u043d\u0438\u0447\u0435\u043d \u0434\u043e \u0442\u0435\u0445, \u043f\u043e\u0440 \u043f\u043e\u043a\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0435 \u043d\u0430\u043a\u0430\u0442\u044f\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0441 \u0447\u0435\u043c \u043c\u044b \u0442\u0430\u043a\u0436\u0435 \u043d\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u0437\u0430\u0442\u044f\u0433\u0438\u0432\u0430\u0442\u044c.", "creation_timestamp": "2022-07-05T11:15:46.000000Z"}, {"uuid": "3ad079b5-2f76-4a1b-9265-6b67809915a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "exploited", "source": "https://t.me/true_secator/2793", "content": "\u200b\u200b\u0412\u0441\u0442\u0440\u0435\u0447\u0430\u0439\u0442\u0435, Spring4Shell. \u041f\u0440\u0430\u0432\u0434\u0430, \u0435\u0441\u043b\u0438 \u0441\u0440\u0430\u0432\u043d\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e RCE \u0432 Java Spring Framework \u0441 Log4Shell, \u044d\u0444\u0444\u0435\u043a\u0442 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0437\u0432\u0430\u0442\u044c \u0431\u043e\u043c\u0431\u043e\u0439, \u0442\u043e \u043d\u043e\u0432\u0430\u044f 0-Day \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e \u043d\u0430 \u044d\u0442\u043e\u043c \u0444\u043e\u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u0442\u044c \u043a\u0430\u043a \u0441\u0432\u044f\u0437\u043a\u0430 \u043f\u0435\u0442\u0430\u0440\u0434.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0441\u0440\u0435\u0434\u0435 Spring \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u0435\u043a\u0438\u0439 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u0430 GitHub\u00a0\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0443\u0434\u0430\u043b\u0438\u043b \u0432\u043c\u0435\u0441\u0442\u0435 \u0441\u043e \u0441\u0432\u043e\u0438\u043c\u0438 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430\u043c\u0438.\n\nSpring - \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Java EE (Enterprise Edition), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0431\u044b\u0441\u0442\u0440\u043e \u0438 \u043b\u0435\u0433\u043a\u043e \u0438\u0445 \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0442\u044c, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438  \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0442\u044c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 Apache Tomcat, \u0432 \u0432\u0438\u0434\u0435 \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0441\u043e \u0432\u0441\u0435\u043c\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u043c\u0438 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Praetorian, \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Spring Core \u0432 Java Development Kit (JDK) \u0432\u0435\u0440\u0441\u0438\u0438 9 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a\u00a0CVE-2010-1622, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.  \n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0435 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Spring.io, \u0434\u043e\u0447\u0435\u0440\u043d\u044f\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f VMware, \u0432\u043e\u0432\u0441\u044e \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043d\u0430\u0434 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\u00a0\n\n\u041d\u043e\u0432\u0430\u044f \u0431\u0430\u0433\u0430 \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u0434\u0432\u0443\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0432 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 Spring Framework (CVE-2022-22950) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 Spring Cloud (CVE-2022-22963). Spring RCE \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u043d\u043d\u044b\u0445 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432.\n\nPraetorian \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0439 \u0434\u043b\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043a\u043e\u043d\u0435\u0447\u043d\u0430\u044f \u0442\u043e\u0447\u043a\u0430 \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c DataBinder (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0437\u0430\u043f\u0440\u043e\u0441 POST, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u0443\u0435\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0442\u0435\u043b\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430) \u0438 \u0441\u0438\u043b\u044c\u043d\u043e \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u043e\u0432 \u0434\u043b\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \n\n\u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043a\u043e\u0433\u0434\u0430 Spring \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442 \u043d\u0430 Apache Tomcat, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d WebAppClassLoader, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u044b\u0432\u0430\u0442\u044c \u0433\u0435\u0442\u0442\u0435\u0440\u044b \u0438 \u0441\u0435\u0442\u0442\u0435\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 JSP-\u0444\u0430\u0439\u043b \u043d\u0430 \u0434\u0438\u0441\u043a. \u041e\u0434\u043d\u0430\u043a\u043e, \u0435\u0441\u043b\u0438 Spring \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u043e\u0432 Tomcat, \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u043a\u043b\u0430\u0441\u0441\u043e\u0432 \u2014 \u044d\u0442\u043e LaunchedURLClassLoader, \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d.\n\n\u0412 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u0440\u043e\u0441\u0442\u0430, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u043b \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 POST \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\u00a0\n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 Flashpoint, \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Spring Core \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0435 \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043d\u0435\u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c.\u00a0\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0431\u0443\u0434\u0435\u0442 \u043d\u0430\u0439\u0442\u0438 \u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 DeserializationUtils.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, Rapid7 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u044f\u0441\u043d\u043e, \u043a\u0430\u043a\u0438\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c. ISAC \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0435\u0449\u0435 \u043d\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u0442\u0435\u0441\u0442\u044b \u0438 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u043e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c PoC \u0434\u043b\u044f \u043e\u0448\u0438\u0431\u043a\u0438 RCE.\n\n\u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430 \u0423\u0438\u043b\u043b\u0430 \u0414\u043e\u0440\u043c\u0430\u043d\u043d\u0430 \u0438\u0437 CERT/CC, \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Spring4Shell \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0432\u0441\u0435 \u0436\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u0443\u0435\u0442 \u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \u0412\u043e\u043e\u0431\u0449\u0435, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432 BleepingComputer, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u0430\u0442\u0430\u043a, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f\u043c\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u0430 Spring Core DataBinder.", "creation_timestamp": "2022-03-31T16:01:37.000000Z"}, {"uuid": "77e05f0d-dcbe-474b-a0ae-2d363c7822de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/true_secator/2830", "content": "Trend Micro \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Spring4Shell \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u043c Mirai. \u041f\u0435\u0440\u0432\u044b\u043c\u0438 \u0430\u0442\u0430\u043a\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u043a\u043e\u043b\u043b\u0435\u0433\u0438 \u0438\u0437 Qihoo 360.\n\n\u0412 \u044d\u0442\u043e\u043c \u043f\u043b\u0430\u043d\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0442 \u0432\u0435\u0441\u044c\u043c\u0430 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u0441\u0432\u0435\u0436\u0438\u0435 CVE \u0432 \u0441\u0432\u043e\u0439 \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043a\u0430\u043a \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u0440\u0430\u043d\u0435\u0435 \u0441 Log4Shell.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 CVE-2022-22965 \u0438 CVE-2022-22963 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 Java-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Spring, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430. \n\n\u041a\u0430\u0441\u0430\u0435\u043c\u043e Mirai \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Spring4Shell, \u043a\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e Mirai \u0432 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u0440\u0435\u0433\u0438\u043e\u043d\u0435 \u0421\u0438\u043d\u0433\u0430\u043f\u0443\u0440\u0430. \u041e\u0431\u0440\u0430\u0437\u0435\u0446 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0441\u044f \u0432 \u043f\u0430\u043f\u043a\u0443 \u00ab/tmp\u00bb \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b\u0441\u044f \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0433\u043e \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u00abchmod\u00bb.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u043e \u0442\u043e, \u0447\u0442\u043e Spring4Shell \u043d\u0435 \u0442\u0430\u043a \u0448\u0438\u0440\u043e\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430, \u043a\u0430\u043a Log4Shell, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0441\u0435 \u0436\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u043c\u043d\u043e\u0433\u0438\u0445, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c, \u043f\u043e\u043a\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438 \u041f\u041e \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442 \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u044f Spring4Shell\u00a0\u043d\u0430 \u0441\u0432\u043e\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0438 \u0433\u043e\u0442\u043e\u0432\u044f\u0442 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0442\u0447\u0438.", "creation_timestamp": "2022-04-11T13:47:47.000000Z"}, {"uuid": "05199918-73b5-4d37-8f5b-b2f4f3fae6a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/true_secator/2830", "content": "Trend Micro \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Spring4Shell \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u043c Mirai. \u041f\u0435\u0440\u0432\u044b\u043c\u0438 \u0430\u0442\u0430\u043a\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u043a\u043e\u043b\u043b\u0435\u0433\u0438 \u0438\u0437 Qihoo 360.\n\n\u0412 \u044d\u0442\u043e\u043c \u043f\u043b\u0430\u043d\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0442 \u0432\u0435\u0441\u044c\u043c\u0430 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u0441\u0432\u0435\u0436\u0438\u0435 CVE \u0432 \u0441\u0432\u043e\u0439 \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043a\u0430\u043a \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u0440\u0430\u043d\u0435\u0435 \u0441 Log4Shell.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 CVE-2022-22965 \u0438 CVE-2022-22963 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 Java-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Spring, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430. \n\n\u041a\u0430\u0441\u0430\u0435\u043c\u043e Mirai \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Spring4Shell, \u043a\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e Mirai \u0432 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u0440\u0435\u0433\u0438\u043e\u043d\u0435 \u0421\u0438\u043d\u0433\u0430\u043f\u0443\u0440\u0430. \u041e\u0431\u0440\u0430\u0437\u0435\u0446 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0441\u044f \u0432 \u043f\u0430\u043f\u043a\u0443 \u00ab/tmp\u00bb \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b\u0441\u044f \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0433\u043e \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u00abchmod\u00bb.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u043e \u0442\u043e, \u0447\u0442\u043e Spring4Shell \u043d\u0435 \u0442\u0430\u043a \u0448\u0438\u0440\u043e\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430, \u043a\u0430\u043a Log4Shell, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0441\u0435 \u0436\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u043c\u043d\u043e\u0433\u0438\u0445, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c, \u043f\u043e\u043a\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438 \u041f\u041e \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442 \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u044f Spring4Shell\u00a0\u043d\u0430 \u0441\u0432\u043e\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0438 \u0433\u043e\u0442\u043e\u0432\u044f\u0442 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0442\u0447\u0438.", "creation_timestamp": "2022-04-11T13:47:47.000000Z"}, {"uuid": "a33629a1-74b1-4928-ab75-321a8b07e74f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "exploited", "source": "https://t.me/true_secator/2816", "content": "\u0415\u0441\u043b\u0438 \u043c\u044b \u043e\u0431\u044b\u0447\u043d\u043e \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u043b\u0438\u0441\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0437\u043e\u043b\u043e\u0442\u044b\u0445 72 \u0447\u0430\u0441\u043e\u0432, \u0442\u043e \u0441\u043b\u0443\u0447\u0430\u0435 \u0441\u043e Spring4Shell \u043e\u0431 \u044d\u0442\u043e\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u0437\u0430\u0431\u044b\u0442\u044c.\n\u00a0\n\u041f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u044f\u0442\u044b \u0432 \u043f\u0435\u0440\u0432\u044b\u0435 \u0436\u0435 \u0434\u043d\u0438 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2022-22965. \u0415\u0449\u0435 \u0434\u043e \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u00a0\u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\u00a0\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0438\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-22963, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e Spring Cloud, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434.\u00a0\u0422\u0440\u0435\u0442\u044c\u0435\u0439 \u0434\u044b\u0440\u043e\u0439 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-22950, DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\u00a0\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 Check Point, \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 37 000 \u0430\u0442\u0430\u043a Spring4Shell. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0447\u0442\u0438 \u043a\u0430\u0436\u0434\u0430\u044f \u0448\u0435\u0441\u0442\u0430\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f Spring4Shell, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u043c\u0438\u0448\u0435\u043d\u044c\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \u041d\u0430 \u043f\u0435\u0440\u0432\u043e\u043c \u043c\u0435\u0441\u0442\u0435 \u043f\u043e \u0447\u0438\u0441\u043b\u0443 \u0436\u0435\u0440\u0442\u0432 - \u0415\u0432\u0440\u043e\u043f\u0430, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 20%. \n\u00a0\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u043c\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430 \u0434\u043e\u043b\u044e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 28% \u043e\u0442 \u043e\u0431\u0449\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\u00a0\n\u041f\u043e\u043a\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u0432\u0441\u0435\u043c\u0435\u0441\u0442\u043d\u043e \u0437\u0430\u043d\u044f\u0442\u044b \u043e\u0446\u0435\u043d\u043a\u043e\u0439 \u0432\u043b\u0438\u044f\u043d\u0438\u044f Spring4Shell \u043d\u0430 \u0441\u0432\u043e\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 RCE \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043f\u043e\u043b\u043d\u044b\u043c \u0445\u043e\u0434\u043e\u043c. \u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u043c\u043e\u043c\u0435\u043d\u0442\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043a\u0430\u043a \u0434\u043b\u044f Spring4Shell, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f CVE-2022-22963.\n\u00a0\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u00a0\u0432\u0435\u0440\u0441\u0438\u0438 Spring Framework 5.3.18 \u0438 5.2.20, \u0430 \u0442\u0430\u043a\u0436\u0435 Spring Boot 2.5.12, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0440\u0435\u0448\u0430\u044e\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 RCE, \u0430\u00a0\u0442\u0430\u043a\u0436\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e.\u00a0\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u044d\u0442\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u043d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e CVE-2022-22963 \u0438 CVE-2022-22947 \u0432 Spring Cloud Function \u0438 Spring Cloud Gateway.", "creation_timestamp": "2022-04-06T20:32:36.000000Z"}, {"uuid": "1126cbac-41f4-4e9b-8ecd-7218575e7412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://t.me/true_secator/2816", "content": "\u0415\u0441\u043b\u0438 \u043c\u044b \u043e\u0431\u044b\u0447\u043d\u043e \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u043b\u0438\u0441\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0437\u043e\u043b\u043e\u0442\u044b\u0445 72 \u0447\u0430\u0441\u043e\u0432, \u0442\u043e \u0441\u043b\u0443\u0447\u0430\u0435 \u0441\u043e Spring4Shell \u043e\u0431 \u044d\u0442\u043e\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u0437\u0430\u0431\u044b\u0442\u044c.\n\u00a0\n\u041f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u044f\u0442\u044b \u0432 \u043f\u0435\u0440\u0432\u044b\u0435 \u0436\u0435 \u0434\u043d\u0438 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2022-22965. \u0415\u0449\u0435 \u0434\u043e \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u00a0\u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\u00a0\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0438\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-22963, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e Spring Cloud, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434.\u00a0\u0422\u0440\u0435\u0442\u044c\u0435\u0439 \u0434\u044b\u0440\u043e\u0439 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-22950, DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\u00a0\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 Check Point, \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 37 000 \u0430\u0442\u0430\u043a Spring4Shell. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0447\u0442\u0438 \u043a\u0430\u0436\u0434\u0430\u044f \u0448\u0435\u0441\u0442\u0430\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f Spring4Shell, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u043c\u0438\u0448\u0435\u043d\u044c\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \u041d\u0430 \u043f\u0435\u0440\u0432\u043e\u043c \u043c\u0435\u0441\u0442\u0435 \u043f\u043e \u0447\u0438\u0441\u043b\u0443 \u0436\u0435\u0440\u0442\u0432 - \u0415\u0432\u0440\u043e\u043f\u0430, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 20%. \n\u00a0\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u043c\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430 \u0434\u043e\u043b\u044e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 28% \u043e\u0442 \u043e\u0431\u0449\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\u00a0\n\u041f\u043e\u043a\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u0432\u0441\u0435\u043c\u0435\u0441\u0442\u043d\u043e \u0437\u0430\u043d\u044f\u0442\u044b \u043e\u0446\u0435\u043d\u043a\u043e\u0439 \u0432\u043b\u0438\u044f\u043d\u0438\u044f Spring4Shell \u043d\u0430 \u0441\u0432\u043e\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 RCE \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043f\u043e\u043b\u043d\u044b\u043c \u0445\u043e\u0434\u043e\u043c. \u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u043c\u043e\u043c\u0435\u043d\u0442\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043a\u0430\u043a \u0434\u043b\u044f Spring4Shell, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f CVE-2022-22963.\n\u00a0\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u00a0\u0432\u0435\u0440\u0441\u0438\u0438 Spring Framework 5.3.18 \u0438 5.2.20, \u0430 \u0442\u0430\u043a\u0436\u0435 Spring Boot 2.5.12, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0440\u0435\u0448\u0430\u044e\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 RCE, \u0430\u00a0\u0442\u0430\u043a\u0436\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e.\u00a0\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u044d\u0442\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u043d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e CVE-2022-22963 \u0438 CVE-2022-22947 \u0432 Spring Cloud Function \u0438 Spring Cloud Gateway.", "creation_timestamp": "2022-04-06T20:32:36.000000Z"}, {"uuid": "e07ccf4b-d4d9-4beb-947e-3040c3a0307c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://t.me/true_secator/2810", "content": "VMware \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE \u0432 \u0441\u0440\u0435\u0434\u0435 Java Spring Core, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u0430\u043a CVE-2022-22965 \u0438\u043b\u0438 \u0436\u0435 Spring4Shell.\n\n\u0411\u0430\u0433\u0430 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 9,8 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0439 \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439. \n\n\u041f\u0440\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e PoC \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u0430, \u044d\u0442\u043e\u043c\u0443 \u0442\u0430\u043a\u0436\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u0441\u0442\u0432\u0443\u0435\u0442 \u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 Spring Framework. \u041f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043a VMware \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Spring MVC \u0438 Spring WebFlux, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 JDK 9+.\u00a0\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0442\u0440\u0435\u0431\u0443\u0435\u0442, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b\u043e\u0441\u044c \u043d\u0430 Tomcat \u043a\u0430\u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 WAR, \u0445\u043e\u0442\u044f \u0442\u043e\u0447\u043d\u044b\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0432\u0441\u0435 \u0435\u0449\u0435 \u0438\u0437\u0443\u0447\u0430\u044e\u0442\u0441\u044f.\n\n\u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 VMware \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043f\u043e\u0438\u0441\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u0421\u043f\u0438\u0441\u043e\u043a \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 VMware, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 Spring4Shell, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u043e \u043c\u0435\u0440\u0435 \u0440\u0435\u0432\u0438\u0437\u0438\u0438 \u043a\u043e\u0434\u0430. \n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a Spring4Shell: \u0441\u043b\u0443\u0436\u0431\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 VMware Tanzu \u0434\u043b\u044f \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d \u2014 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 2.10 \u043f\u043e 2.13; VMware Tanzu Operations Manager \u2014 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 2.8 \u043f\u043e 2.9; VMware Tanzu Kubernetes Grid Integrated Edition (TKGI) \u2014 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441 1.11 \u043f\u043e 1.13.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u0441\u043f\u0435\u043b\u0438 \u0437\u0430\u043b\u0430\u0442\u0430\u0442\u044c \u0434\u044b\u0440\u044b \u043b\u0438\u0448\u044c \u0432 \u043f\u0435\u0440\u0432\u044b\u0445 \u0434\u0432\u0443\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445, \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0442\u043e\u043a \u0432\u0435\u0440\u0441\u0438\u0439 \u0441 \u0442\u043e\u0447\u0435\u0447\u043d\u044b\u043c\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u043c\u0438, \u043d\u043e \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f VMware Tanzu Kubernetes Grid Integrated Edition \u0432\u0441\u0435 \u0435\u0449\u0435 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0435.\n\n\u041f\u0440\u0438\u043d\u0438\u043c\u0430\u044f \u0432\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435, \u0447\u0442\u043e Spring4Shell \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u0430 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 VMware \u0432\u0441\u0435 \u0436\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u043e\u0442\u0435\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435, \u043a\u0440\u0430\u0439\u043d\u0435 \u0432\u0430\u0436\u043d\u043e \u043f\u0440\u0438\u0441\u043b\u0443\u0448\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u0434\u0430\u043d\u043d\u043e\u043c \u044d\u0442\u0430\u043f\u0435 \u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043f\u043e \u0442\u0435\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e.", "creation_timestamp": "2022-04-05T20:04:35.000000Z"}, {"uuid": "b35e7d55-b64c-481c-a893-0fb816d481c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "exploited", "source": "https://t.me/NeKaspersky/2088", "content": "\u041a\u0430\u0442\u0430\u0441\u0442\u0440\u043e\u0444\u0430 \u043d\u0430 Java-\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Spring \u0438\u043b\u0438 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spring4Shell\n\n\u041d\u043e\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spring4Shell (CVE-2022-22965) \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435. \u0415\u0451 \u0441\u0440\u0430\u0437\u0443 \u043e\u0442\u043d\u0435\u0441\u043b\u0438 \u043a \u043a\u043b\u0430\u0441\u0441\u0443 RCE (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0435\u043c\u043e\u043c \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435, \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0438 \u0442.\u043f.) \u0438 \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 9.8 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS v3.0. \u0412 \u043d\u043e\u0447\u044c \u0441\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u043d\u0430 \u0441\u0440\u0435\u0434\u0443 \u0431\u044b\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0423\u0436\u0435 \u0432 \u0441\u0440\u0435\u0434\u0443 \u043d\u0430 GitHub \u043d\u0435\u043d\u0430\u0434\u043e\u043b\u0433\u043e \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442. \u0415\u0441\u0442\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u043a\u043e\u0434 \u0443\u0441\u043f\u0435\u043b\u0438 \u0443\u0432\u0438\u0434\u0435\u0442\u044c \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u043e \u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438.\n\n\u0421\u0430\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spring4Shell \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u043d\u043d\u044b\u0445 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Spring Core \u0432 Java Development Kit (JDK) \u0432\u0435\u0440\u0441\u0438\u0438 9 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445. \u0422\u0430\u043a\u0436\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2010-1622. \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-22963. \u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441\u043e Spring Cloud Function 3.1.6, 3.2.2 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u043c\u0438, \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438. \u041f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 SpEL \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438. \u041e\u043d \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c.\n\n\u041b\u0438\u0448\u044c \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u043e\u043a\u043e\u043b\u043e 37000 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Spring4Shell. \u0422\u0430\u043a\u0436\u0435 16% \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u043e\u0442 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041f\u043e\u043d\u0435\u0441\u043b\u0438 \u0443\u0449\u0435\u0440\u0431 28% \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435. \n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 RCE \u0440\u0435\u0448\u0438\u043b\u0438\u0441\u044c \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Spring Framework 5.3.18 \u0438 5.2.20, \u0438 Spring Boot 2.5.12 \u0438 2.6.6. \u041e\u0434\u043d\u0430\u043a\u043e \u0431\u044b\u0432\u0430\u044e\u0442 \u0441\u043b\u0443\u0447\u0430\u0438, \u043a\u043e\u0433\u0434\u0430 \u043d\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 Spring \u043d\u0430 \u0441\u0432\u043e\u0451\u043c \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u0430\u0439\u0442\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n@NeKaspersky", "creation_timestamp": "2022-04-07T18:37:27.000000Z"}, {"uuid": "c558e686-7939-4b09-b644-fb7f37780395", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://t.me/NeKaspersky/2088", "content": "\u041a\u0430\u0442\u0430\u0441\u0442\u0440\u043e\u0444\u0430 \u043d\u0430 Java-\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Spring \u0438\u043b\u0438 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spring4Shell\n\n\u041d\u043e\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spring4Shell (CVE-2022-22965) \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435. \u0415\u0451 \u0441\u0440\u0430\u0437\u0443 \u043e\u0442\u043d\u0435\u0441\u043b\u0438 \u043a \u043a\u043b\u0430\u0441\u0441\u0443 RCE (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0435\u043c\u043e\u043c \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435, \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0438 \u0442.\u043f.) \u0438 \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 9.8 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS v3.0. \u0412 \u043d\u043e\u0447\u044c \u0441\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u043d\u0430 \u0441\u0440\u0435\u0434\u0443 \u0431\u044b\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0423\u0436\u0435 \u0432 \u0441\u0440\u0435\u0434\u0443 \u043d\u0430 GitHub \u043d\u0435\u043d\u0430\u0434\u043e\u043b\u0433\u043e \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442. \u0415\u0441\u0442\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u043a\u043e\u0434 \u0443\u0441\u043f\u0435\u043b\u0438 \u0443\u0432\u0438\u0434\u0435\u0442\u044c \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u043e \u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438.\n\n\u0421\u0430\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spring4Shell \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u043d\u043d\u044b\u0445 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Spring Core \u0432 Java Development Kit (JDK) \u0432\u0435\u0440\u0441\u0438\u0438 9 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445. \u0422\u0430\u043a\u0436\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2010-1622. \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-22963. \u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441\u043e Spring Cloud Function 3.1.6, 3.2.2 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u043c\u0438, \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438. \u041f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 SpEL \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438. \u041e\u043d \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c.\n\n\u041b\u0438\u0448\u044c \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u043e\u043a\u043e\u043b\u043e 37000 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Spring4Shell. \u0422\u0430\u043a\u0436\u0435 16% \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u043e\u0442 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041f\u043e\u043d\u0435\u0441\u043b\u0438 \u0443\u0449\u0435\u0440\u0431 28% \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435. \n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 RCE \u0440\u0435\u0448\u0438\u043b\u0438\u0441\u044c \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Spring Framework 5.3.18 \u0438 5.2.20, \u0438 Spring Boot 2.5.12 \u0438 2.6.6. \u041e\u0434\u043d\u0430\u043a\u043e \u0431\u044b\u0432\u0430\u044e\u0442 \u0441\u043b\u0443\u0447\u0430\u0438, \u043a\u043e\u0433\u0434\u0430 \u043d\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 Spring \u043d\u0430 \u0441\u0432\u043e\u0451\u043c \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u0430\u0439\u0442\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n@NeKaspersky", "creation_timestamp": "2022-04-07T18:37:27.000000Z"}, {"uuid": "ed8f6270-0b84-4cb6-911f-4f4864ccd1e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://t.me/DailyToolz/563", "content": "Spring4Shell 0Day Exploit RCE\nCVE-2022-22965\n\nDetails: https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities\n\nRequirements:\n- Python3 + pip install requests\n\nCommand : \npython exploit.py --url \"http://site.com\"\n\nAcces shell :\nsite.com//shell.jsp?cmd=id\n\nDownload : in comment\n\n#DontForgetToShare", "creation_timestamp": "2022-12-22T16:20:15.000000Z"}, {"uuid": "b29d4dad-1afc-4a39-8bc0-4b814c87ae93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22969", "type": "seen", "source": "https://t.me/ctinow/181538", "content": "https://ift.tt/zHOxJSp\nCVE-2022-22969 | Oracle Banking Liquidity Management up to 14.7.0 Common denial of service", "creation_timestamp": "2024-02-08T18:42:06.000000Z"}, {"uuid": "20c8a1b4-e409-41d1-b031-02c2812ad478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1868", "content": "#CVE-2022\n\nSpring4Shell - Spring Core RCE - CVE-2022-22965\n\nhttps://github.com/mebibite/springhound\n\n\n@BlueRedTeam", "creation_timestamp": "2022-04-01T10:53:53.000000Z"}, {"uuid": "3c376245-b0fb-4a6e-b19d-a0027d823d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1869", "content": "#CVE-2022\n\nSpring-0day/CVE-2022-22965\n\nhttps://github.com/nu0l/CVE-2022-22965\n\n\n@BlueRedTeam", "creation_timestamp": "2022-04-01T10:56:57.000000Z"}, {"uuid": "f01385cf-3fea-4ba6-98b9-36b32d6561bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22968", "type": "seen", "source": "https://t.me/cibsecurity/40833", "content": "\u203c CVE-2022-22968 \u203c\n\nIn Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T00:23:46.000000Z"}, {"uuid": "6732b1f2-6a0e-4d0a-8f46-61b60a581e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22967", "type": "seen", "source": "https://t.me/cibsecurity/44997", "content": "\u203c CVE-2022-22967 \u203c\n\nAn issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-23T20:29:56.000000Z"}, {"uuid": "cd03bb2c-cfa3-4ca7-be03-9ee6f3fe2278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22969", "type": "seen", "source": "https://t.me/cibsecurity/41259", "content": "\u203c CVE-2022-22969 \u203c\n\n Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-21T22:27:17.000000Z"}, {"uuid": "3229aef0-b79f-49c9-9fc1-61e2381d0613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22964", "type": "seen", "source": "https://t.me/cibsecurity/40516", "content": "\u203c CVE-2022-22964 \u203c\n\nVMware Horizon Client for Linux (prior to 22.x) contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-12T00:16:31.000000Z"}, {"uuid": "808aface-7252-444c-9f56-c446b77508ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/cibsecurity/40025", "content": "\u203c CVE-2022-22963 \u203c\n\nIn Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T02:19:59.000000Z"}, {"uuid": "69a13c91-3986-4888-a596-4fb7ee4e1a3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1896", "content": "#CVE-2022\n\nVulnerability scanner for Spring4Shell (CVE-2022-22965)\n\nhttps://github.com/fracturelabs/go-scan-spring\n\n@BlueRedTeam", "creation_timestamp": "2022-04-05T01:00:42.000000Z"}, {"uuid": "5cd9897c-cbf2-4df8-8c49-8cda9cad14e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/DerechodelaRed/4030", "content": "\ud83d\udee1\u25b6\ufe0f Nuevo RCE en Java: Spring4Shell\n\nEntre el pasado 29 de marzo de 2022 y el d\u00eda de hoy se han dado a conocer dos nuevas vulnerabilidades que dan lugar a ejecuci\u00f3n remota de comandos: Spring4Shell y CVE-2022-22963. Adem\u00e1s, hay una tercera vulnerabilidad a\u00fan sin confirmar.\n\n\u25aa\ufe0f Spring4Shell: RCE confirmado en la librer\u00eda de Java Spring Core <=5.3.17.\n\u25aa\ufe0f CVE-2022-22963: RCE confirmado en Spring Cloud Function <=3.1.6 y <=3.2.2.\n\u25aa\ufe0f La tercera vulnerabilidad, a\u00fan sin confirmar, se trata de un fallo en el proceso de deserializaci\u00f3n en Spring Core que podr\u00eda dar lugar tambi\u00e9n a ataques RCE.\n\nhttps://unaaldia.hispasec.com/2022/04/nuevo-rce-en-java-spring4shell.html\n\n\ud83d\udd0a t.me/derechodelared", "creation_timestamp": "2022-04-05T12:21:54.000000Z"}, {"uuid": "325402ed-644a-4569-a14c-7ec60cbc5c53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1904", "content": "#CVE-2022\n\nSpring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)\n\nhttps://github.com/alt3kx/CVE-2022-22965\n\n@BlueRedTeam", "creation_timestamp": "2022-04-07T10:37:18.000000Z"}, {"uuid": "4d92d418-d35d-40e4-9e7d-940b4f603f7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/information_security_channel/47088", "content": "Spring4Shell: Zero-Day vulnerability CVE-2022-22965 in Spring Framework\nhttps://blogs.quickheal.com/spring4shell-zero-day-vulnerability-cve-2022-22965-in-spring-framework/", "creation_timestamp": "2022-04-06T16:07:29.000000Z"}, {"uuid": "a7bdf09b-8b89-4d4a-b568-3257a7f393ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/information_security_channel/47089", "content": "A Zero-day Remote Code Execution Vulnerability with critical severity has been identified as CVE-2022-22965 aka Spring4Shell or SpringShell...\nThe post Spring4Shell: Zero-Day vulnerability CVE-2022-22965 in Spring Framework (https://blogs.quickheal.com/spring4shell-zero-day-vulnerability-cve-2022-22965-in-spring-framework/) appeared first on Quick Heal Blog | Latest computer security news, tips, and advice (https://blogs.quickheal.com/).", "creation_timestamp": "2022-04-06T16:07:30.000000Z"}, {"uuid": "e96878cd-b22d-4a29-8903-cea2daf7f544", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "exploited", "source": "https://t.me/information_security_channel/47112", "content": "Spring4Shell Vulnerability Exploited by Mirai Botnet\nhttps://www.securityweek.com/spring4shell-vulnerability-exploited-mirai-botnet\n\nCybersecurity firm Trend Micro on Friday confirmed some earlier reports that the new Spring4Shell vulnerability has been exploited by the Mirai botnet.\nTwo critical vulnerabilities have been patched recently in the popular Java application development framework Spring: CVE-2022-22965 (aka Spring4Shell and SpringShell) and CVE-2022-22963.\nread more (https://www.securityweek.com/spring4shell-vulnerability-exploited-mirai-botnet)", "creation_timestamp": "2022-04-08T15:05:17.000000Z"}, {"uuid": "13f40b7a-b2a1-4bcf-b42d-95d0ef421ca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://t.me/information_security_channel/47112", "content": "Spring4Shell Vulnerability Exploited by Mirai Botnet\nhttps://www.securityweek.com/spring4shell-vulnerability-exploited-mirai-botnet\n\nCybersecurity firm Trend Micro on Friday confirmed some earlier reports that the new Spring4Shell vulnerability has been exploited by the Mirai botnet.\nTwo critical vulnerabilities have been patched recently in the popular Java application development framework Spring: CVE-2022-22965 (aka Spring4Shell and SpringShell) and CVE-2022-22963.\nread more (https://www.securityweek.com/spring4shell-vulnerability-exploited-mirai-botnet)", "creation_timestamp": "2022-04-08T15:05:17.000000Z"}, {"uuid": "f4a1bb95-ae32-4c0a-b584-5eccf00ebf91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22961", "type": "seen", "source": "https://t.me/thehackernews/2058", "content": "VMware releases critical patches for several products affected by a new set of vulnerabilities (CVE-2022-22954 to CVE-2022-22961), some of which could be exploited for RCE attacks.\n\nRead details: https://thehackernews.com/2022/04/vmware-releases-critical-patches-for.html", "creation_timestamp": "2022-04-07T07:51:03.000000Z"}, {"uuid": "affc6fba-a5a3-4204-b57d-a177013acf11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22966", "type": "seen", "source": "https://t.me/thehackernews/2088", "content": "A highly-critical vulnerability (CVE-2022-22966) has been discovered in VMWare Cloud Director that can be exploited for RCE attacks, allowing attackers to gain access to sensitive data & take over private clouds within an entire infrastructure.\n\nhttps://thehackernews.com/2022/04/critical-vmware-cloud-director-bug.html", "creation_timestamp": "2022-04-15T05:47:19.000000Z"}, {"uuid": "52a91ec7-48e8-4f5f-b0c4-9fce110e52b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1870", "content": "#CVE-2022\n\nPython Script for exploiting CVE-2022-22965\n\nhttps://github.com/0xbughunter/Spring4Shell-Exploit-PoC-\n\n\n@BlueRedTeam", "creation_timestamp": "2022-04-01T11:00:59.000000Z"}, {"uuid": "890a1385-ed52-4479-a2e7-9a2986a29384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/thehackernews/2034", "content": "Important \u2014 Spring Framework maintainers have released an emergency patch to address a newly disclosed RCE vulnerability (CVE-2022-22965) that could allow unauthenticated attackers to take control of targeted systems.\n\nDetails: https://thehackernews.com/2022/03/security-patch-releases-for-critical.html", "creation_timestamp": "2022-03-31T17:37:33.000000Z"}, {"uuid": "6cd46b0b-f13d-45a8-bdeb-aa7a18a93c46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1866", "content": "#CVE-2022\n\nCVE-2022-22965 poc including reverse-shell support\n\nhttps://github.com/viniciuspereiras/CVE-2022-22965-poc\n\n#CVE\n@BlueRedTeam", "creation_timestamp": "2022-04-01T10:47:46.000000Z"}, {"uuid": "3f4bf1b8-877d-41f8-89b0-7213f05b2a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1867", "content": "#CVE-2022\n\nThis includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed \\\"SpringShell\\\".\n\nhttps://github.com/kh4sh3i/Spring-CVE\n\n@BlueRedTeam", "creation_timestamp": "2022-04-01T10:49:48.000000Z"}, {"uuid": "88bac3eb-48f4-4d6e-b09d-f78b6d3366fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1891", "content": "#CVE-2022\n\nSpring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965\n\nhttps://github.com/me2nuk/CVE-2022-22965\n\n@BlueRedTeam", "creation_timestamp": "2022-04-04T03:29:20.000000Z"}, {"uuid": "0006f3db-c0e7-46fe-868f-9f533b1e7215", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1877", "content": "#CVE-2022\n\nSpring Cloud Function Vulnerable Application / CVE-2022-22963\n\nhttps://github.com/me2nuk/CVE-2022-22963\n\n@BlueRedTeam", "creation_timestamp": "2022-06-18T14:55:41.000000Z"}, {"uuid": "1c70000f-fe60-4ea6-9657-6aa0acc5639b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1882", "content": "#exploit\n1. 2 Click RCE in Evernote Android\nhttps://hackerone.com/reports/1377748\n\n2. CVE-2022-22965:\nSpring Framework RCE\nhttps://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement\n]-> https://github.com/DDuarte/springshell-rce-poc\n\n@BlueRedTeam", "creation_timestamp": "2022-04-02T10:27:02.000000Z"}, {"uuid": "545a44c7-4b49-4288-9ba7-35f09c210275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1862", "content": "#CVE-2022\n\nA Safer PoC for CVE-2022-22965 (Spring4Shell)\n\nhttps://github.com/colincowie/Safer_PoC_CVE-2022-22965\n\n@BlueRedTeam", "creation_timestamp": "2022-04-01T10:36:57.000000Z"}, {"uuid": "e5f7ee31-5166-40c4-9596-dfe5c52cfa1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1867", "content": "#CVE-2022\n\nThis includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed \\\"SpringShell\\\".\n\nhttps://github.com/kh4sh3i/Spring-CVE\n\n@BlueRedTeam", "creation_timestamp": "2022-04-01T10:49:48.000000Z"}, {"uuid": "284a066f-42ac-4c4d-bc8a-82321c1fcdb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1863", "content": "Spring4Shell Proof Of Concept/Information CVE-2022-22965\n\nhttps://github.com/BobTheShoplifter/Spring4Shell-POC\n\n#CVE\n@BlackSeaHackBot", "creation_timestamp": "2022-04-01T10:38:56.000000Z"}, {"uuid": "1785ecbb-1992-4d67-8f1a-46a5e85a2534", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1864", "content": "#CVE-2022\n\nSpring4Shell Proof Of Concept/Information CVE-2022-22965\n\nhttps://github.com/BobTheShoplifter/Spring4Shell-POC\n\n@BlueRedTeam", "creation_timestamp": "2022-04-01T10:41:14.000000Z"}, {"uuid": "b66dbea5-13b8-4178-9ae8-c554f2ae9057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1865", "content": "#CVE-2022\n\nDockerized Spring4Shell (CVE-2022-22965) PoC application and exploit\n\nhttps://github.com/reznok/Spring4Shell-POC\n\n#CVE\n@BlueRedTeam", "creation_timestamp": "2022-04-01T10:46:27.000000Z"}, {"uuid": "e866f3a5-e97a-4356-b9cc-a77b6fb5dec9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-02)", "content": "", "creation_timestamp": "2026-05-02T00:00:00.000000Z"}, {"uuid": "b13899d1-2d41-4ea1-ac27-d913ad6be750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://t.me/BlueRedTeam/1920", "content": "#Blue_Team\n\n1. Firewall analysis: A portable graph based approach\nhttps://diablohorn.com/2022/04/09/firewall-analysis-a-portable-graph-based-approach\n2. Analyzing the Exploitation of Spring4Shell Vulnerability (CVE-2022-22965) in Weaponizing and Executing the Mirai Botnet Malware\nhttps://www.trendmicro.com/en_us/research/22/d/cve-2022-22965-analyzing-the-exploitation-of-spring4shell-vulner.html\n\n@BlueRedTeam", "creation_timestamp": "2022-04-11T08:02:01.000000Z"}, {"uuid": "6f7789e8-f3fd-47b1-8a99-d6d748c326f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22968", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2071", "content": "#CVE-2022\n\nTesting CVE-2022-22968\n\nhttps://github.com/MarcinGadz/spring-rce-poc\n\n@BlueRedTeam", "creation_timestamp": "2022-05-13T02:27:01.000000Z"}, {"uuid": "3b1ec080-1c78-4d93-923d-9cd778e86155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1938", "content": "#CVE-2022\n\nspring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963\n\nhttps://github.com/hktalent/spring-spel-0day-poc\n\n@BlueRedTeam", "creation_timestamp": "2022-04-15T20:52:33.000000Z"}, {"uuid": "da4e6f94-519a-4950-b308-91b898bce85d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1893", "content": "#CVE-2022\n\nNmap Spring4Shell NSE script for Spring Boot RCE (CVE-2022-22965) \n\nhttps://github.com/gpiechnik2/nmap-spring4shell\n\n@BlueRedTeam", "creation_timestamp": "2022-04-04T11:59:36.000000Z"}, {"uuid": "964b0045-8e44-4480-b92a-2b465ab28c7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5781", "content": "#Blue_Team_Techniques\n1. A list of open source web security scanners\nhttps://github.com/psiinon/open-source-web-scanners\n2. Script to check for Spring4Shell vulnerability\nhttps://github.com/jrgdiaz/Spring4Shell-CVE-2022-22965.py\n3. A fully automated, reliable, and accurate scanner for finding Spring4Shell/Spring Cloud RCE vulnerabilities\nhttps://github.com/fullhunt/spring4shell-scan", "creation_timestamp": "2022-04-10T13:43:13.000000Z"}, {"uuid": "0ab359d5-cc85-4301-8c6d-ba0969d2d680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1895", "content": "#CVE-2022\n\nPowerShell port of CVE-2022-22965 vulnerability check by colincowie.\n\nhttps://github.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck\n\n@BlueRedTeam", "creation_timestamp": "2022-04-04T19:18:05.000000Z"}, {"uuid": "63a3be50-8a1b-42bc-b692-bfc1d55ff1cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1418", "content": "https://github.com/sule01u/SBSCAN\nspring \u6e17\u900f\u6d4b\u8bd5\u6846\u67b6 \u652f\u6301\nCVE-2018-1273\nCVE-2019-3799\nCVE-2020-5410\nCVE-2022-22947\nCVE-2022-22963\nCVE-2022-22965\n\n#github #tools", "creation_timestamp": "2023-11-02T13:56:07.000000Z"}, {"uuid": "a86d4936-65be-4e79-9447-e25611fb794d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1148", "content": "https://github.com/zangcc/CVE-2022-22965-rexbb\nCVE-2022-22965\\Spring-Core-RCE\u56fe\u5f62\u5316GUI\u4e00\u952e\u5229\u7528\u5de5\u5177\n#github  #tools", "creation_timestamp": "2023-09-20T16:07:48.000000Z"}, {"uuid": "c04d5bce-1b75-4c89-8682-f46453f60017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1965", "content": "https://github.com/charonlight/SpringExploitGUI?tab=readme-ov-file\n\n\u4e00\u6b3eSpring\u7efc\u5408\u6f0f\u6d1e\u5229\u7528\u5de5\u5177 \u652f\u6301Spring Cloud Gateway RCE(CVE-2022-22947)\u3001Spring Framework RCE (CVE-2022-22965) \u7684\u6279\u91cf\u68c0\u6d4b\u4ee5\u53ca\u5229\u7528\n#github #tools #Java", "creation_timestamp": "2024-02-07T09:17:47.000000Z"}, {"uuid": "60096d75-29bf-4576-ae30-aba114951d95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1418", "content": "https://github.com/sule01u/SBSCAN\nspring \u6e17\u900f\u6d4b\u8bd5\u6846\u67b6 \u652f\u6301\nCVE-2018-1273\nCVE-2019-3799\nCVE-2020-5410\nCVE-2022-22947\nCVE-2022-22963\nCVE-2022-22965\n\n#github #tools", "creation_timestamp": "2023-11-02T13:56:07.000000Z"}, {"uuid": "d76fa0cd-bb29-477e-8c9d-761c37e07386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5726", "content": "#exploit\n1. 2 Click RCE in Evernote Android\nhttps://hackerone.com/reports/1377748\n\n2. CVE-2022-22965:\nSpring Framework RCE\nhttps://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement\n]-> https://github.com/DDuarte/springshell-rce-poc", "creation_timestamp": "2022-04-02T13:12:01.000000Z"}, {"uuid": "97ad14d6-2abe-45af-b442-57faae8d1af7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5711", "content": "#Threat_Research\nSpring4Shell (CVE-2022-22963):\nSpring Core RCE 0-day Vulnerability\nhttps://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html\n]-> Hardening: https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html\n]-> Repo: https://github.com/BobTheShoplifter/Spring4Shell-POC", "creation_timestamp": "2022-03-31T11:07:01.000000Z"}, {"uuid": "60b4eb1e-5dda-4d3e-8205-d01bb7a58374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/7395", "content": "#Analytics\nTop 10 most exploited vulnerabilities in 2022\n\n1. CVE-2022-30190: MS Office \"Follina\"\n2. CVE-2021-44228: Apache Log4Shell\n3. CVE-2022-22965: Spring4Shell\n4. CVE-2022-1388: F5 BIG-IP\n5. CVE-2022-0609: Google Chrome 0-day\n6. CVE-2017-11882: MS Office RCE\n7. CVE-2022-41082, CVE-2022-41040: ProxyNotShell\n8. CVE-2022-27925, CVE-2022-41352: Zimbra Collaboration Suite bugs\n9. CVE-2022-26134: Atlassian Confluence RCE\n10. CVE-2022-30525: Zyxel RCE vulnerability", "creation_timestamp": "2024-10-11T03:03:25.000000Z"}, {"uuid": "e7e409a8-cc4f-4615-82eb-7ccd850ff67e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5785", "content": "#Blue_Team_Techniques\n1. Firewall analysis: A portable graph based approach\nhttps://diablohorn.com/2022/04/09/firewall-analysis-a-portable-graph-based-approach\n2. Analyzing the Exploitation of Spring4Shell Vulnerability (CVE-2022-22965) in Weaponizing and Executing the Mirai Botnet Malware\nhttps://www.trendmicro.com/en_us/research/22/d/cve-2022-22965-analyzing-the-exploitation-of-spring4shell-vulner.html", "creation_timestamp": "2022-04-11T12:44:55.000000Z"}, {"uuid": "42f0d4b9-1265-405c-a9bc-008a93f514d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "Telegram/hMkE2PfNl9y0pgJJRDyurEwmJZXYDsszQ8x8spuf9FUuWGM", "content": "", "creation_timestamp": "2022-03-31T12:53:28.000000Z"}, {"uuid": "6c340be4-6a9b-494b-af69-53c7bc593089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22960", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6118", "content": "#Offensive_security\n1. Python script to exploit CVE-2022-22954 and CVE-2022-22960\nhttps://github.com/Chocapikk/CVE-2022-22954\n2. A webshell plugin and interactive shell for pentesting a LimeSurvey application\nhttps://github.com/p0dalirius/LimeSurvey-webshell-plugin", "creation_timestamp": "2022-06-02T11:01:01.000000Z"}, {"uuid": "2ab644ab-077f-4714-85ed-f9b2f76d0a15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5786", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Mar 1-31)\n\nCVE-2022-1096 - Type Confusion in V8\nhttps://github.com/Maverick-cmd/Chrome-and-Edge-Version-Dumper\nCVE-2022-0847 - Dirty Pipe Vuln\nhttps://t.me/CyberSecurityTechnologies/5560\nCVE-2022-0778 - OpenSSL Illegal x.509 certificate construction\nhttps://t.me/CyberSecurityTechnologies/5692\nCVE-2022-0492 - Privilege escalation vuln causing container escape\nhttps://sysdig.com/blog/detecting-mitigating-cve-2022-0492-sysdig\nCVE-2022-22947 - Spring Cloud Gateway RCE\nhttps://t.me/CyberSecurityTechnologies/5554\nCVE-2022-22963 - Spring Core RCE\nhttps://t.me/CyberSecurityTechnologies/5711\nCVE-2022-25636 - net/netfilter/nf_dup_netdev.c in the Linux kernel <5.6.10 allows local users to gain privileges because of a heap out-of-bounds write\nhttps://t.me/CyberSecurityTechnologies/5570\nCVE-2022-27254 - Vuln in Honda's Remote Keyless System\nhttps://github.com/nonamecoder/CVE-2022-27254\nCVE-2022-0609 - https://blog.google/threat-analysis-group/countering-threats-north-korea", "creation_timestamp": "2022-04-11T11:00:21.000000Z"}, {"uuid": "55315050-aac8-48f9-8e75-e17c5cdbe5ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "Telegram/YWFq1kO-0vBzxqojGeacVsj25iQkaFTGhDsSqxKGOTwD_A", "content": "", "creation_timestamp": "2022-04-04T18:21:14.000000Z"}, {"uuid": "fe671ec4-4e2f-4123-a530-43abb8b01d30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7956", "content": "#exploit\n1. CVE-2022-22963:\nVulnerability in the Spring Cloud Function Framework for Java that allows RCE\nhttps://github.com/J0ey17/CVE-2022-22963_Reverse-Shell-Exploit\n\n2. CVE-2023-0861:\nCommand Injection Vulnerability  in NetModule Routers\nhttps://github.com/seifallahhomrani1/CVE-2023-0861-POC", "creation_timestamp": "2023-03-19T13:41:00.000000Z"}, {"uuid": "29726dee-97dc-4fab-9648-d7329a77ba27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-229600", "type": "exploited", "source": "https://t.me/true_secator/2957", "content": "VMware \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Workspace ONE Access, VMware Identity Manager (vIDM) \u0438 vRealize Automation.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-22972 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u0411\u0440\u0443\u043d\u043e \u041b\u043e\u043f\u0435\u0441 \u0438\u0437 Innotec Security. \u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0432\u0442\u043e\u0440\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-22973 \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u00abroot\u00bb. \u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 VMware Workspace ONE, VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), \u041e\u0431\u043b\u0430\u0447\u043d\u044b\u0439 \u0444\u043e\u043d\u0434 VMware, vRealize Suite.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0431\u0430\u0433, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f\u043c\u0438 \u0432 VMSA-2021-0014\n\u00a0\nVMware \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. \u042d\u0442\u0438 \u043c\u0435\u0440\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043a\u0440\u043e\u043c\u0435 \u043e\u0434\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0432\u0445\u043e\u0434\u043e\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0447\u0435\u0440\u0435\u0437 SSH \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0441\u043b\u0443\u0436\u0431\u044b Horizon-Workspace.\n\n\u0412 \u0442\u043e\u0436\u0435 \u0432\u0440\u0435\u043c\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0438\u0445 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c, \u0441\u043a\u043b\u043e\u043d\u044f\u044f\u0441\u044c \u043a \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u043c\u0443 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430 - \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432.\n\nVMware \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u0439 \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043e\u0434\u043d\u0430\u043a\u043e \u0435\u0441\u043b\u0438 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0432\u044b\u0448\u0435\u0434\u0448\u0443\u044e \u0432\u0447\u0435\u0440\u0430 \u0447\u0440\u0435\u0437\u0432\u044b\u0447\u0430\u0439\u043d\u0443\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0443 22-03 \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 (CISA) \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2022-22972 \u0438 CVE-2022-22973 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 5 \u0434\u043d\u0435\u0439, \u0442\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0440\u0438\u0441\u043a \u0430\u0442\u0430\u043a \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043d\u0435\u0438\u0437\u0431\u0435\u0436\u0435\u043d. \n\n\u0412 \u043f\u0440\u043e\u0448\u043b\u044b\u0439 \u0440\u0430\u0437 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u0438\u043b\u043e\u0441\u044c 48 \u0447\u0430\u0441\u043e\u0432 \u043d\u0430 \u0440\u0435\u0432\u0435\u0440\u0441-\u0438\u043d\u0436\u0438\u043d\u0435\u0440\u0438\u043d\u0433 \u043f\u0430\u0442\u0447\u0435\u0439 (\u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2022-229600 \u0438 CVE-2022-22954) \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u0430\u0442\u0430\u043a.", "creation_timestamp": "2022-05-19T12:12:49.000000Z"}, {"uuid": "4a85a3d0-c53e-4036-875e-5e34d38b527d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "seen", "source": "https://t.me/LearnExploit/4351", "content": "1. Follina (CVE-2022-30190)\n\n2. Log4Shell (CVE-2021-44228)\n\n3. Spring4Shell (CVE-2022-22965)\n\n4. F5 BIG-IP (CVE-2022-1388)\n\n5. Google Chrome zero-day (CVE-2022-0609)\n\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882)\n\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040)\n\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352)\n\n9. Atlassian Confluence RCE flaw (CVE-2022-26134)\n\n10. Zyxel RCE vulnerability (CVE-2022-30525)\n\n#Exploit \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-04T10:02:38.000000Z"}, {"uuid": "81ca2836-a62e-4756-ac4a-43a155dcf505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/101", "content": "https://github.com/charonlight/SpringExploitGUI?tab=readme-ov-file\n\n\u4e00\u6b3eSpring\u7efc\u5408\u6f0f\u6d1e\u5229\u7528\u5de5\u5177 \u652f\u6301Spring Cloud Gateway RCE(CVE-2022-22947)\u3001Spring Framework RCE (CVE-2022-22965) \u7684\u6279\u91cf\u68c0\u6d4b\u4ee5\u53ca\u5229\u7528\n#github #tools #Java", "creation_timestamp": "2024-12-21T15:49:29.000000Z"}, {"uuid": "a7538af8-4717-45dc-9314-a8475b517bdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22965", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1046", "content": "https://github.com/zangcc/CVE-2022-22965-rexbb\nCVE-2022-22965\\Spring-Core-RCE\u56fe\u5f62\u5316GUI\u4e00\u952e\u5229\u7528\u5de5\u5177\n#github  #tools", "creation_timestamp": "2024-08-16T08:28:17.000000Z"}]}